documents[.]exe | Triage

Sharing

General

Target

documents.exe
Size

753KB
MD5

e53804e1c5cec72d938424d8a07788f4
SHA1

09e168d35f269c613e45e1f898270a1b07493cc5
SHA256

d9e6629d10acc5f2c14986434a8ecf599c025ea5250015cb15dea536f05b61e8
SHA512

657dc6de18ae34c9b434a05e29a403d8813a801c3aa64665b2fb66e77e61e2a423b5c3f26a5fe97424d08e07d91f498362a6287a21514862d4605ad2432ead37
SSDEEP

12288:qKVC6YN1Px+70pKXQlIj5g15HFuiXRjr13VLHQ7J3A3i73SJXC56Aqgcx7Tx8Cl4:bZ5g1buWRJNQ7CDlDxHxFJoT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
documents.exe

Files

documents.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 750KB - Virtual size: 750KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ