ms_x64[.]exe | Triage

Sharing

General

Target

ms_x64.exe
Size

7KB
MD5

7af4a1f231801679c6d257d3cbd939d3
SHA1

b646b3e5def649749659d3221173875792bca4e7
SHA256

e33b52daa2163f87e5c0274768d7c7a21f851102aea862b7fc53b2347742a677
SHA512

8ac212b6bdb838587a7f8927c6694cbe085f055ec5d54d83e14a9d3fca89d4502cd71db85db022827fb16853136e6803200d6a3df07a1c6751ed90f4330e91ed
SSDEEP

24:eFGStrJ9u0/6bkE/nZd0BQAVnZrt7WTtWy0SUWzNqrymZOubpmB:is0REb0BQMrJdWzNsJOvB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ms_x64.exe

Files

ms_x64.exe
.exe windows x64

b4c6fff030479aa3b12625be67bf4914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
ExitProcess

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 132B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rbxr
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE