EXEploration[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

EXEploration.exe
Size

6.4MB
MD5

703a3e9ddebd48a3e9eea6901c69efb7
SHA1

dccb9ad0e4e30e38e62097b6112e63787d1b71fa
SHA256

3ea80d14d46563e000b4300a80edd83c1c382f1240723ff79d197de4b1fc83bc
SHA512

a0c8efc873c88a85c3145563f332b7f1367a1d3216fc11b46ca5dd5de770ec7cfca6cc43a2b3b354831f3848cd2886778a39ccdbb73272acf4ca58995064cc22
SSDEEP

98304:P0s237GL3SwDi/6StcBmdcGpPk3iFAK4u14N1cezFVWUCRGs8y:cSL3SQi/6lBccMPAwAKQN1fzKUK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
EXEploration.exe

Files

EXEploration.exe
.exe windows x86

413f1008824d53fdd595dc784d598598

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnhandledExceptionFilter
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Zq~
Size: - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.b<>
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.w-6
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ