PRE ALERT DOCUMENTS[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PRE ALERT DOCUMENTS.exe
Size

855KB
MD5

a9c1fd60dc8362a8a7f504d613b4f66a
SHA1

3337f85b2e148df0bc1e78d8ff244b259284c00e
SHA256

fbc745c53390b016e0f8520fa691f4341559b57467515ea230ef7127232bce87
SHA512

3dfad862e7b5db03d04db8f9883a62e44d81e7bdcbcdc647af4218b8bfabdc2bde04082c6cc7c30d1afc44ebdc7ffca810c42490f5c97fc8d9c046308904b1a5
SSDEEP

12288:vE6NBSJ1F7wr+FEa9YsRXzWLTcEx5lAmKW9Xg3k:MySZ7RXycvW9Xkk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PRE ALERT DOCUMENTS.exe

Files

PRE ALERT DOCUMENTS.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 852KB - Virtual size: 851KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ