mailsync[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

mailsync.exe
Size

943KB
MD5

0011948f5467f007c5c38665c99ed191
SHA1

cdfbfe6181074bf6ceaa573c1c1f6729fa5bb563
SHA256

d8102fb409448b2898fe4776a51b08f89d01fd36e21d2769d082b122bbe1da77
SHA512

9fae4f69dd1d01ced171dce7fbe7cdb33788b2b4f375cc8ec3e0dc92b0a124a6cae01a7f77fdbabf34d9cabd18e7b0dc2e721ae271bc0ac691a987953e91a9f2
SSDEEP

24576:Ip1uJfplk63P/r+T8cE7den3h3BaPoLB333u:IqlwZE83h3QQN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
mailsync.exe

Files

mailsync.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 874KB - Virtual size: 874KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ