8a824abec4e973c7038c873060cee403a8596b1d2aaf8b77e1dd20767b0a3ed9[.]exe | Triage

Sharing

General

Target

8a824abec4e973c7038c873060cee403a8596b1d2aaf8b77e1dd20767b0a3ed9.exe
Size

16KB
MD5

20e3d1a93ba429bc90627571e06ff57f
SHA1

c6b4443444a6ab14597b089e6a7a1077547aa8f4
SHA256

8a824abec4e973c7038c873060cee403a8596b1d2aaf8b77e1dd20767b0a3ed9
SHA512

a770d921419a03078da38da79428f5f1d901b056c1cbb4d94455c712a34d9a2b39f010d98cc964634529e974e58ccafc6ad49881970bd2d3c446f8eab9795140
SSDEEP

384:hgnL2Z5rpq/v+vL7vpkFJPEtZY/gqS2gMOXO8:KnLIVav+6DP/9gfO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a824abec4e973c7038c873060cee403a8596b1d2aaf8b77e1dd20767b0a3ed9.exe

Files

8a824abec4e973c7038c873060cee403a8596b1d2aaf8b77e1dd20767b0a3ed9.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Malware\Desktop\Liberum Screen Rat\Server\bin\Release\Plugin\Shell.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ