SandboxTestPacked_Wine_Artefacts[.]exe | Triage

Sharing

General

Target

SandboxTestPacked_Wine_Artefacts.exe
Size

130KB
MD5

8c32dd36d143ac7efcb25e316135a623
SHA1

2991472d4f61f38732fed63b8b14fb3393d9a413
SHA256

2ce0892357fb73a3a17699c76e00ac12a48d8df1942a31d7872845bf9bfb132f
SHA512

b8b98de798cc96623219526360aaa7e3bd372925b3473a2d63fb3538c465687f35a92845546427e3a27505b0af42ede22bf6525bc1fc9161ccbd49e087137ff3
SSDEEP

3072:uBUP5qWnU0A5cZqsryJJSeKxcnlLeQAdXx1mcSgloyk:IURh8csWyvXLZeQQxc/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SandboxTestPacked_Wine_Artefacts.exe

Files

SandboxTestPacked_Wine_Artefacts.exe
.exe windows x64

842360f219c805e7ef0060435bb70b1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

advapi32

RegCloseKey

ws2_32

gethostbyname

Sections

.MPRESS1
Size: 126KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE