file[.]exe | Triage

Sharing

General

Target

file.exe
Size

4.3MB
MD5

4e40e00be3370fb1f562b1e09e1275c1
SHA1

083d017b2a7d25e643ffb14e81a49afcc5e27470
SHA256

8a2e061b3b38dff83f62982a6b0087e5c4ea1c47192bf0ac2f8f67397636b164
SHA512

94c7b158b3300b5afa9128f30b62946775698e4c33518bda2369a8737685f4016bc6c033f0096238876c909260a7fe92b1d79c953e357d1bbfb3bf9a950cf082
SSDEEP

98304:jUu64pByjFQ/1m2L4PkWjvsj9cSFzIcNO:TByJqm7Yc2zf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

file.exe

Files

file.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ