ansazx[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ansazx.exe
Size

610KB
MD5

1d132b7a35d336fc7b2aba2c52346f3f
SHA1

a95122c3b1cd3298264c0545d119d7e83ca8d111
SHA256

fa50f197e39eb37efdbd83462dd11e3057e45f88d9acb8b7e99c50c44c1936b7
SHA512

86efb716ab4aa0bee25d058e5be5142d016a4702034b05884ab65089e0c55e216d93be8a84863aeaebf059fdd3f63f1917936a656bd74b934b4b7ba45675df86
SSDEEP

12288:UVpoPD6nPc839qzcD3SBW2/kBLpNtPimpdNj5py5hyXA:cpm0zDXZpL1pdnp4oQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ansazx.exe

Files

ansazx.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 606KB - Virtual size: 606KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ