file[.]exe | Triage

Sharing

General

Target

file.exe
Size

488KB
MD5

f111d9f0617aff118cd418a0993cb9b0
SHA1

66c65ac8fc45d5bbdbe31f5f810f95a016c50483
SHA256

34cd4efd5b358e557b88e0cc4a3bb16019664d074ee0c9b895ad49c44b2ce2da
SHA512

62547988e61a7be781530c2c111db01baa6427a5d2bf9ea8792f349fc3df78067a37d469f152bc8279a5e2053d5ac2ca7b94e5718a7f7e59e3d95faf6e241fdb
SSDEEP

3072:JJLfTp9bRDbyGw7UV3VOVOVcEPV7mwCUivdBiT285SJpVQz8u8Lo92Z5C75Pn19Z:/vb1xFwwPEjVZZI75tmZZIr5r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 382KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ