PacsClient[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PacsClient.exe
Size

648KB
MD5

64500b4031330b616b50debce5076e04
SHA1

9510f9172cff411bf65fbe5cbacf7f2a95e2002e
SHA256

d2402795bc33d8bfd366690b23aa2f3463aeb5c69bc233d975a1b3eb7ecc1ffd
SHA512

e4bab40497fcdf5bb972c40d5c497c834a71b988eaa7338d370ec7508db198b171bedb5e6ded3178167945c0b79df09c031d5046c17595b1a1ae24229c81fb90
SSDEEP

6144:xOxZp21bm+2LFFJJFrSplMsTq724/yYo3BgJFrSplMsTq724/yYo3B7JFrSLlMs+:Yh2s+MthSpN1rRqhSpN1rRVhSLNbCv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PacsClient.exe

Files

PacsClient.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ