memtest[.]exe (1)[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

memtest.exe (1).7z
Size

728KB
MD5

2d21e7f4c239030e0e492723dc0bbc55
SHA1

be776f0cb306b1708a7c38875a446ffb7b39ddd5
SHA256

f5d36f192eca07944b4f33a85a4c8cacdf9ad2f52a6a223ded8f6d18664665fc
SHA512

6984cef82e1f29d64e16c543286a86eda4456855980eca6b3c3500279c9fd7738179ec8b01254916d323438d0715cf50fdc93a052637b6b2464367a490d25741
SSDEEP

12288:MqTjgoCSr9cX3hVzL9roKDOgL0NSwvEhFBEkSvJ9KM0L/i50tHuuq:DgoCSExNL9RbQgMETOPvJP0Ti5wH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/memtest.exe

Files

memtest.exe (1).7z
.7z

Password: infected
memtest.exe
.exe windows x86

Password: infected

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 966KB - Virtual size: 966KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGER32C
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PAGE
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 405KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

PAGER32R
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ