SAM[.]Picker[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SAM.Picker.exe
Size

51KB
MD5

ecde7ea1b21cfc69aac007859a23581a
SHA1

98d66ccb4735fc9e8d5cb511106f1f555c051d5f
SHA256

3f393afa3e341a3b46b7455a7dfbaab4c51c21939c911f1c1cda27b7f5eccb9b
SHA512

a0da74c379a1ed2e11e60adeae074f666e99d1cba3be2f41b8c1547239f4b8fac365408540b9904fa1e4f180abecc7cc631e92ce412dd6fa30af07143dccfb1a
SSDEEP

768:XobfAp/3GcLvmxzYogzDn3/q7SvFwJ+PUF8Kvs:AWGWm2osn3O/MNas

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SAM.Picker.exe

Files

SAM.Picker.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\projects\SAM\SAM.Picker\obj\x86\Release\SAM.Picker.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ