uTinyRipper[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

uTinyRipper.exe
Size

594KB
MD5

ef7cd8dbc3fb3e6b3b3919a14749d96d
SHA1

d1d0de9d2d5c57d35a5a9706aff7ae92132ca71f
SHA256

5c428dad7577ca858716fba528430ad86e2f31891067a4233846b70da3577f38
SHA512

3852663b118829a66d7e510f48f8e8a79650afb4b1f8be29702798dfdf08107119f4bd27161aac5c22e1124f5b89fede9b970f8773b1d21a9bc64da677c03820
SSDEEP

6144:3NUJMns1fzxnk+qZvyZg0oCoOdOJhAMs9v9tHW3+sDtR3+wh2:C2nsIAoCbDa3n3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
uTinyRipper.exe

Files

uTinyRipper.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\projects\utinyripper\Bins\obj\x64\Release\uTinyRipper.pdb

Sections

.text
Size: 491KB - Virtual size: 491KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ