S0FTWARE[.]exe | Triage

Sharing

General

Target

S0FTWARE.exe
Size

17KB
MD5

d3ddf810af8bba4a931f8eaacd9a027b
SHA1

005036f0441ce6b58c8a5aa9d570de55fb48bb42
SHA256

f1ebc79bd06204885ea85fd1a3e64fdf9b4f869b3c4cbfb241622d03b41fa663
SHA512

e81ed3d2c2a9e6784f8a1c9172544a37845b22f94b4e9d4b5fa6e92e0319b1d93413cc3fc9281e55edd18242ff4a81ac43b5e7bf4341d77525c93c8636175390
SSDEEP

384:dBsoiwi/erATTM8r53VzbA7WtylpDoTPao9TimCt2:dcewrltb2pOao9TNCU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
S0FTWARE.exe

Files

S0FTWARE.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\danar\OneDrive\Рабочий стол\pereve\Обязательно перенести\ОЧЕНЬ ВАЖНО\projectsC#C++\repos\ripatrar\ripatrar\obj\Debug\ripatrar.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ