PO[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO.exe
Size

236KB
MD5

ebc282135b270cc4f94c3dc37cfcdf74
SHA1

06d40ab00a9d2d6ff3fe4a4189b4de88263c3645
SHA256

2218cb9e3e826feb6be7d7d10b279f8dc34b57b6a9f981fd98fb1591529be1aa
SHA512

4ee4f31711b66ccd98c182010e93d561a7a1c5d01eb41d09b84be502936e8ae2941687b50a88477f43f47c6e09c48cf90bae4de2014aa58ff4fb83b2e7c7a561
SSDEEP

3072:bGg/8iU7X8j5v5tKC/k71hEbaFSkjiRrPN:bGi8Wj5v5tKC/9a+

Score

N/A

Malware Config

Signatures

Files

PO.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ