PAGO 48943[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PAGO 48943.exe
Size

625KB
MD5

92e2cf56170980bb675d19caad6f9edf
SHA1

c5339823f45be09ce90b08a1c444304df1df0feb
SHA256

9d31c9cc465643be87d49f2b8be2a4500e8f5ab048e6327f407942fd8f02da53
SHA512

cefd93771a28c583168cf432e092fb6a1fbd30ec1b7a8aa20534651dd63fe1ea7f8437db70d0188a40be40e94cb6e870e2dbc40caa3623aafb849078176e3b3c
SSDEEP

12288:aWc/bUYIsYolnCNSJMWqhJKYaWgtwW33QXpRJfFJ8E+z:JiXrYoVOXPKzlp3QXpRJfFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PAGO 48943.exe

Files

PAGO 48943.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ