PO21019612[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO21019612.exe
Size

960KB
MD5

8aefdd630923829f049eff1bbb1aa807
SHA1

d1fd7bfccbe9fec7bdaf032ffcb9899baacb7ce4
SHA256

36f8e4eb768b6f4bcb732179cfb4d8795452c285d565e4fc4998455de0006f51
SHA512

fcc80076b44b14b24de01cb634247526aca37243d708a60982aa01d6ed7c6779c468d887792e49b48ee54bb16de034025a67e000c9d1d6680a3e55e70b75c86a
SSDEEP

24576:Cw2qj4ss2NvJhmEjf42Dft3e4kcYF3TAGxZIHlYYRnLvh:AU4cNBO6fNe4EFDAGxZIFlhL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO21019612.exe

Files

PO21019612.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 957KB - Virtual size: 957KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ