WindowsApp2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WindowsApp2.exe
Size

3.5MB
MD5

3d55b0a05359bbe03b91a20a46e09f1e
SHA1

5a863d013c7dc88e4c4d8e4a3da0bb5faf0becac
SHA256

1dc51eda0d147ec7efe7bf7b5c29fe8312f7a5a1b585d8f4fa22ff328a51d3b2
SHA512

96c03897132bad6568f952968f6ffdee855d8fd5b21f261c6e449eb25f918f8741d7d6a145d2bf4c77bc62cb34050385e22a2739082bd5fea7d2ba72463df094
SSDEEP

49152:DmpTXKmUIwaqbvVG8MTqMG8RSRzSKcchhY8MUoXt:CpDKmUIVqxG82YzScu8MU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WindowsApp2.exe

Files

WindowsApp2.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ