attached Drawing[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

attached Drawing.exe
Size

639KB
MD5

6f7df08a1c9460f2db8c1a9397e47d49
SHA1

187484c2367260b855c002792965e14ded8dc139
SHA256

de59559170968acc750e3a862b5125ecb1c0be7fd5bfd58cb1981e65fb147aaa
SHA512

4c43b28f8be8d1d51c20e778c6ec5065a9cc0c87a24587e61f87700a1e4d5cc7e998032209875f1aa587fd46a700b0c2e45e63c039a7666a4f8817d69ff37459
SSDEEP

12288:NwPYPfY76Z8FShozg+xEQIdUPoMgPIakVmya+fMz:2PYPgyhozFimon0Nkz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
attached Drawing.exe

Files

attached Drawing.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 631KB - Virtual size: 630KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ