generated30[.]exe | Triage

Sharing

General

Target

generated30.exe
Size

938KB
MD5

2517b502d7714a4e384044a0b6c2a157
SHA1

aa974d57b3b42a1a72afbe2520ae7333e35d7531
SHA256

66fc943f11f465b81234c1fd1a9dfecb87082fe2560a0b1865c2679a927c76c0
SHA512

f3a87225fecced58e540bab65087e45f7340307b77673e566e7074354cf3f4668815ce56bf5f04fc6dba847a0330fc89cc7c8a4ca48d2b725e39a564f4ae46aa
SSDEEP

24576:q7DB0lkqjVnlqud+/2P+A0+lyv0PTVbUkIaMUcfL8lNsO:q7F0lkqXfd+/9AHly8Pv6Ucz8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
generated30.exe

Files

generated30.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\attat\source\repos\Chromium Cookie Extractor 3.0\ChromeExtractor\ChromeExtractor\obj\Release\net462\conhost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ