SandboxTestPacked_VMWare_Artefacts[.]exe | Triage

Sharing

General

Target

SandboxTestPacked_VMWare_Artefacts.exe
Size

133KB
MD5

3cd47d8c3bc9ab1d85c92202351d45c3
SHA1

0e8190e10d721a032a21e8b8012d5542f05eb002
SHA256

09d5e1c56047a1cf46736173d09bc641d42f3889f795796a506486628ca55654
SHA512

2e0d3d26be9e9d30a303cf44546b94dbca0edaef045b255d2b66a2bb632bc5421a98b58a6f9f8a5884a6983ec96fa832c1f504ec4774487b83294d0d79283c4b
SSDEEP

3072:oFqoc4ZhIoHnVIbknQUhDiN+8fyOAvRL8XuxESkx:18HnuWhiY86Oi8QA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SandboxTestPacked_VMWare_Artefacts.exe

Files

SandboxTestPacked_VMWare_Artefacts.exe
.exe windows x64

b1ceb64d15b66766aab0b633b34c354f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetSystemMetrics

advapi32

RegCloseKey

shell32

SHGetSpecialFolderPathW

ws2_32

inet_ntoa

shlwapi

StrStrIW

iphlpapi

GetAdaptersInfo

Sections

.MPRESS1
Size: 128KB - Virtual size: 348KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE