Booking information[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Booking information.exe
Size

300.0MB
MD5

4bc820a991fa7f46fe65494c52b86987
SHA1

68ef6a1f485991da1e129d4f5f7d249fa3a8289e
SHA256

a95bf5fb27ab469e56e2037b0105975e089d71dbbd72cc9e32f7984fccfc89eb
SHA512

d531a6aa6dc3b3f0f121905521e8912a66cf4f00951cc89a43e67e064c4b4816b666a72bdd5e234abbcd7e2b96d035abb36926b48a51d13f25b2215dd7dc057c
SSDEEP

12288:Df5sMoDRmXj+NjEk5RA6I1XS1Ii3bDEMpa6zi2XV:Df54RmT+N1A6kC1rEMpa6F

Score

1^/10

Malware Config

Signatures

Files

Booking information.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 522KB - Virtual size: 521KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ