testNotepad[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

testNotepad.exe
Size

37KB
MD5

3940dd23569dc58b776e30037e230720
SHA1

c7d089d1956015355521f840835d736507ad1e56
SHA256

636f8cf1b0c916e578b0b8e78fa2797f55e7dc7a2cf963ee8805accde0540b2a
SHA512

ed0670953beafee24d6de252528b2508b3c938e66855d9e6f6b8b847def0229e1e474416c8450537b3001e843ee739e9334444b4af93ba7b4e8112bde5cc7a92
SSDEEP

768:1sJXiqNqG4Y1g0NXXwbywi/piXsGJ3x7fwCw:AAGj1gQnft/p6sGJtfwF

Score

N/A

Malware Config

Signatures

Files

testNotepad.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ