file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

2.6MB
MD5

1a8f38b2854ebfad83ecc646dc047b77
SHA1

356dc474794324abbd4a79da4cde92f6c18100a6
SHA256

65783207d43d23aa9865e62e1f1c839b0c3dc79445c665a7baef7b6fbf5cec9c
SHA512

fc02ee69280e78555b5c94b6f76be454f243b59765e29d273786b87bd96d550e2ccda0279fc6f48d40d247979854e2a70bcc40453936bb1bc0f81b3a3f8310d4
SSDEEP

49152:+nMl6l/U3rAgRoJqBnYHPAjn2QT5Yi5sOyAX+qzojWD240uqR1Jjr:+nMv3rAQBIPO/2esLAXkjWB0tJ

Score

N/A

Malware Config

Signatures

Files

file.exe
.exe windows x86

9af8c7875b770a448bb7b4955a805d2b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

shell32

ShellExecuteA

Sections

.MPRESS1
Size: 2.6MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE