04558199[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04558199.exe
Size

2.0MB
MD5

9bcda1c9710f60d643288dc4f4ecda41
SHA1

c38a7613e0715f4a0c82115a40baba4747607ba5
SHA256

df2440cda8d26f467ed7b5b6ac2fa2097940f15049428c99a7c3b23156901810
SHA512

bad049ccecae7b391c98f959ad18b0cb5a43e8ad46662358e2736299c983ac7000fe35da83e3d130bd2f83356c7f8408fccd7d5e04c33371d9111696b7875746
SSDEEP

12288:9o11O1Y9OiGvHEtjfjg+ip2s1ZBDfh8MWWB:9W1OJHEt7jA2shDJZH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04558199.exe

Files

04558199.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ