Onaylama[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Onaylama.exe
Size

779KB
MD5

58ed7b45f9a275e2f338d61771a64687
SHA1

3067e14aac837237a0f119458e09ccb305b46cba
SHA256

76f01e4cfcfc115b4c26f3cae977d3390a6d205ed9ac87c74d471b3dda4bd4a2
SHA512

7cfe5457686869f73d81da56800cae400cef69667f8f17fb14df87fe8629cc30f1c6a347aa33a44fedff9515603088f31a3942dcba00ed37ea9fd75a9591d60c
SSDEEP

24576:wMU6SHlWxMiQW/O4ue7ujejax6r+zFbJJyGvd:qJlYMiQWmS7QejShJLyGvd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Onaylama.exe

Files

Onaylama.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 771KB - Virtual size: 771KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ