SandboxTestPacked_VirtualPC_Artefacts[.]exe | Triage

Sharing

General

Target

SandboxTestPacked_VirtualPC_Artefacts.exe
Size

131KB
MD5

cf2a92a1ba76576c9aac011d03519f17
SHA1

15afbacd678ef55533bb5429ef9053208e86bbb1
SHA256

5cfa0ee4e9db9a04166acb5e9faa6d0667e22598fe5ac5926bc47e61bc70c772
SHA512

806b128be104e2d8110e30df7757200a4a721aa5b2c5ba50f9b16699f67df290e06b81434dd3eb43791022fe46ec9d942583c2b08efba1e46ad971fd28d21789
SSDEEP

3072:/b4i5f525UR2OBlZ+feGjnr7/1MVpnbFrp8vhjWQryA:/b4i5h25A2OPkWsYTp0hj7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SandboxTestPacked_VirtualPC_Artefacts.exe

Files

SandboxTestPacked_VirtualPC_Artefacts.exe
.exe windows x64

2075c953b9fc5a8f49bf68a2ad16593f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

advapi32

RegCloseKey

ws2_32

gethostbyname

shlwapi

StrCmpIW

Sections

.MPRESS1
Size: 126KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE