SandboxTestPacked_Paralles_Artefacts[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SandboxTestPacked_Paralles_Artefacts.exe
Size

131KB
MD5

612e7407048ce5ff5b0c68b6650bd56f
SHA1

8dea4906d8d2bfa8336f830bd6036200ff04496e
SHA256

a3b3cd7f7995c6e572365fa76aef24eb953386b2148cbed1703584ea93acf07a
SHA512

5079527387b413c3c6da6384513121c8f7eff74ad43405d2e64f77ab10799a38504a3ad263e082ad7ae3cfdd398d90219ea42284f6f84a5fee98da794b818db8
SSDEEP

3072:w6C4wUNlcxqo2lgosfHkZD3bCndjMNNVzvWlHIW9XQvspLl:nCDUNlcED7sfu3bCexalRXl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SandboxTestPacked_Paralles_Artefacts.exe

Files

SandboxTestPacked_Paralles_Artefacts.exe
.exe windows x64

6861c7265ea8b4995c64ef604e7d033d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

ws2_32

gethostbyname

shlwapi

StrCmpIW

iphlpapi

GetAdaptersInfo

Sections

.MPRESS1
Size: 126KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE