PO610008532[.]exe | Triage

Sharing

General

Target

PO610008532.exe
Size

2.0MB
MD5

b7dc4b65e6239c0d20bcb4b59f5c644c
SHA1

e166cebfa0fb6e9e04f64f2f61dca71b49ef9e44
SHA256

3fc300b0b16fefb8d0dc08f09803d7dbff6be6ea2a4c87833fb285499a3fc6f0
SHA512

851b73419737a32ce06701e1d5ecbc32be6a5777709460a81afdc92d2b8ca322ae3fd93650610959f7921b41ae5ef99d2859a9949918f94fe4a673b759ed2607
SSDEEP

12288:D/cOS13ZjYXegrTuXXlC+pEXdOMnmfVWWd8wWDOZQgOxwr:afPWDOZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO610008532.exe

Files

PO610008532.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ