Inimu[.]exe | Triage

Resubmissions

05/10/2024, 19:57

241005-ype13s1cln 3

05/10/2024, 19:55

241005-ynfwzs1cjm 3

Sharing

Copy URL Twitter E-mail

General

Target

Inimu.exe
Size

815KB
MD5

1fb41013c09d52d80a25693f81af9764
SHA1

130107e01730dc7f65d01affe8c9f1eed3935e06
SHA256

a70a0fcfacf40a05a37e6caed88cf7e79df327247f8d47545825ddeb9e9919f0
SHA512

544728cc1a7f0d29f43a1ca23dc6d16524fedb4f27d26303fa81a22919b49db3682adecf02adaa3d412a0f30a35a809943a687e3024092fcb4589d68beecc4c7
SSDEEP

12288:IsVrTwazlsdLacQfeQijz8XX7wsAKJMBAFNVkF77RlzN7+:oa7wsAKaBApkF77RpN7+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Inimu.exe

Files

Inimu.exe
.exe windows:4 windows x86 arch:x86

Password: 123

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\spoofer\Inimu\loader\obj\Release\loader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 605KB - Virtual size: 604KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ