Documents[.]exe | Triage

Sharing

General

Target

Documents.exe
Size

839KB
MD5

88c130e7efb710aabe1471e14ca48121
SHA1

8e69f8753790514bdfd54007083033acff137641
SHA256

34a8585e0643993caaaa6c3fcd9933354087422062d3c887dada1d65b570bfb3
SHA512

00db282e665827f8a7ad738f718a69e8fd31155a1c7250277ffb83dbab96004be18b4070bb7d381fb3e90142af4d2be8ee01f9077311bc1078451b5b1f72f1a4
SSDEEP

12288:0rgDpAy3oHlWxMzIHREJVk/bq4izoW/m7/ffyinvjrC75yH4sKmtHgE8I:0MGkoHlWxMiQW/O4ue7X77rCsumtPj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Documents.exe

Files

Documents.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 831KB - Virtual size: 831KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ