gunzipped[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

gunzipped.exe
Size

14KB
MD5

c66381bf6c218f7a2b195ff66eb1bad2
SHA1

34ad140fb519329d1ff73512f0c87dc0061e2297
SHA256

d3f08a55d341c62fc5ae5c69aecb7a97ec514c11649bd2d77d187bd30b87d066
SHA512

36ea6e36d7f7be941c5a5efd1a3560e8cc105e460172b9f43235cb853e22f0f64076b9819c7ad3a0de19c49b24733e0dea749602bb571923a757831438873a53
SSDEEP

384:jedffffdRZuRXlp5LMT/bF89WH6gFxjrEvIOldYQ85LKzY:CLRZuRXdQ8U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gunzipped.exe

Files

gunzipped.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ