litehttp | S7fiTRL[.]exe | Triage

Sharing

General

Target

S7fiTRL.exe
Size

56KB
MD5

c8723bca6d83cbad8cbc75ae323d749d
SHA1

e40e8e84186286495aaff872e74afd6bd9c0aafd
SHA256

6688a94f9872a333a01e925207a7a356dfb8e7083926cd5218a572ec67c2d458
SHA512

28e902f13fbd8cca7cab58df38306d85e62c98eced62e96bffce205a3bdf1f0f411830ed77373905ba6ae040536dc6da188fbdaec1db6f63e97e50e50c5a9700
SSDEEP

1536:DMOiQ4BKCxOhU8WdJmQ/KawN9Qe6cr9bAJZXjof4vLa0:DxizBKCyU8WdJmQ/KawN9/r9bAJZXjiY

Score

10^/10

litehttp

Malware Config

Signatures

Litehttp family
litehttp

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
S7fiTRL.exe

Files

S7fiTRL.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Badus\OneDrive\Desktop\DLLInjector\DllExecutorApp\DllExecutorApp\obj\Debug\Anubis.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ