SHIPPING AMENDMENT COPY[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SHIPPING AMENDMENT COPY.exe
Size

856KB
MD5

b08eb2bb8538a4a1cd79a57a637e0128
SHA1

a765a74eb871d5916dbd085938854bad8df8dae0
SHA256

3d643f99064c4f37df835920535fe10e6875dc5c8e3179a307d03edf43d11442
SHA512

0893349f90b251f8bfeace4b355d4a22110aae02437f9c7350d1b7fa561026e46398cd6eb3825262cadde51928a49653e989f1f6ec016645f3b9538e356dbee7
SSDEEP

12288:7P6IR/4veSx4rckqGqz0g0diuBf5uq4mOTaGwkq31+TYU3v:76C4veSx4Dq/z0fnv4G+TYU/

Score

N/A

Malware Config

Signatures

Files

SHIPPING AMENDMENT COPY.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 832KB - Virtual size: 826KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ