a[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a.exe
Size

290KB
MD5

939af5c9b514bf21c22813a842864266
SHA1

cf47aba890687f64b2866e0612014a4f7e8bd44d
SHA256

be0d902b29bf0a2bba5533dfb11b88353e97886af01151f44e17ed7be676aae2
SHA512

6f6d9ab4b901d6e8268c6133f7b0190b9cf4d42e7a7ddabe831e1b0e2cba90f747f62eefe10c10efaf4ac6cae380f2b270edf33dae0e426f5e1151a563af8b4c
SSDEEP

6144:1rXHD4stFNh097hUwg9/1MHwgxxNg7p89bLY9YocTckbd7oY+3gLC4rbyyt9/N/k:1rXHdNh097hUwg9/1MHwgxxNg7p89bL8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a.exe

Files

a.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 288KB - Virtual size: 287KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ