file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

63KB
MD5

e1c179ec1ec91421568d8ac2b58545a0
SHA1

844dffe387d9aa47ca58e4b43ed6ee22a6dc3519
SHA256

6fb8ac0046086bc85ff8557162847cd203bf854801f3dc97f4715a5f5b4d1300
SHA512

8965aefdcfd4f1eb2d3344b5c2709aa2bde1569b0e18a7e773aeb3e0c8c7a0a0431599a37dc9d8ebdb84457616fb3b54ae125bffe83cad8bdad4a237b800fc5b
SSDEEP

768:TNT9lcP7/L+u9JsNFcC14Fq2H0mSnMbEJ5ENba5JKUkg9oRvmj7ROW:TV70/L5zsNF4/EMbEkiKLg9Z3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ