pes6[.]exe | Triage

Sharing

General

Target

pes6.exe
Size

20.9MB
MD5

bf39628cef60df46d0c8e1b4e220ffe6
SHA1

87d7c7cc4369ab65335e84f5e30835ad4597d9ab
SHA256

f61dc6f07401b8bc383d4bb69c001a6bf38f6557eeec7a9c261b581a4effdc1a
SHA512

6f0758faf7f9c5d1630f5666b7a31a1c6b0b65837082d8a1a7ce1402a66879bef8b6ca76c1a70646fd24a742d9840ac0cadda1ef3e8548ead2a4d6b6f57464d5
SSDEEP

196608:ztw3zknkf6miwpHu9GSEUyJRfkuWUQINRLWbX7iE47lFaK+9rWJfgcQKV18U2q:RUi1GdUyJRfkxGSGf+1ug9KV6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
pes6.exe

Files

pes6.exe
.exe windows x86

Password: infectadp

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

��V
Size: 7.5MB - Virtual size: 7.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 280KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.9MB - Virtual size: 49.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

age
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

agis
Size: 1KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

quod
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rld
Size: 3.4MB - Virtual size: 16.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE