P-0176-01-S-RM-015 [.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

P-0176-01-S-RM-015 .exe
Size

430KB
MD5

51a8f77855919d585cd9c018539933c5
SHA1

25976581b89118e8fcb8e32b25ffe97e6588aa44
SHA256

a791e98f4bf9f167ce7cf02a053c9eb280969237e4aa0699a23525fd3cfd2013
SHA512

3d40fcff702a77c859c4f48de7e422a94e53a6829c529d6949ef7fdef55bd6943935b6606457f7dedad072ed3cc29a35d760cb451b78c3a0a2e3fce1d0de7191
SSDEEP

12288:H/VhheOVLQ4ptPkYDL5bdlBoENhugXQF+cp:pJ9FhlBoENhuggF+cp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
P-0176-01-S-RM-015 .exe

Files

P-0176-01-S-RM-015 .exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 420KB - Virtual size: 419KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ