file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

76KB
MD5

5d9e5b0645fc06f9c6ff785b4582ae5e
SHA1

945c95ecb2e0a4dcd0e3fb8d9112cb44b41bf207
SHA256

917f0c9d74330677207bc22b6c27d4087f6dfef39b69ff598925a15d6e58b4de
SHA512

5b38dbf8256db06f868c22ea38dcd50418e8c9103be98fb5d1b94f531047a273f6b073f6603c86e7bce0e3b02cad410aa6c21bcc7dc80503a9f32e8e9b180dcf
SSDEEP

768:ruZGC3q2nxStIoS0gcJphclDFXSeI09Y0j+bHnAKEAcHcEdzBmNfeqk5ObK9NChz:CGC/s/kiSSe35NHcE+9k5ObKbCG90+E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

+ ;alYg
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ