litehttp | ce4pMzk[.]exe | Triage

Sharing

General

Target

ce4pMzk.exe
Size

48KB
MD5

d39df45e0030e02f7e5035386244a523
SHA1

9ae72545a0b6004cdab34f56031dc1c8aa146cc9
SHA256

df468fc510aec82c827987f54b824b978dd71301f93d18d71e704727d6dfdfa2
SHA512

69866ba5b53d1183a0899e3d22ff06111ae2e8df429beeb853c89f3ed0afb015dd4139b1c507566ffb0fe171a4ff1b318247b7a568dc492d9f71266f5c848a64
SSDEEP

768:RRMOTuQwOYZiyYcpbEzlwF2g9ap4nLBFvpzbHyV6N55IHFKSu87W78aETvqtnqUg:7MOiQwOYZEcKzlwb9u4nLbvpzLy0N55q

Score

10^/10

litehttp

Malware Config

Signatures

Litehttp family
litehttp

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ce4pMzk.exe

Files

ce4pMzk.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Badus\OneDrive\Desktop\DLLInjector\DllExecutorApp\DllExecutorApp\obj\Debug\Anubis.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ