file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

2.5MB
MD5

e582fa75b9a9b516b6a813993198c98d
SHA1

455e87c75e515051b81ea710618f8676f2b6118b
SHA256

fdb7113cc262bfb3e6507fbef1545d86d9424c0e49c09933a80b4d934121d29b
SHA512

479df82cb93b4196db638d7007c5d978b4a332c32ae2051e690bb5a37b0d8f87819ba25566460936b1f95094fc6f82c0d073d983941d833544fb6107ba11631a
SSDEEP

49152:Gt+UGqQrbz2YCLsZ9c11vdNK8OMaAkHFer0Dq3C679rBag1w/sZ:+n0Ol1w/s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 216KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ