2559050101000125[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2559050101000125.exe
Size

49KB
MD5

4b8ecfd52a6bd581ee77c2f623474407
SHA1

86026561819cb30c8c3b4f4f149c2d218b01be40
SHA256

cab678e9bebb6d414db9b4bde2bc7c5858d32b9698b26098c8652ced61b845e1
SHA512

e5d617c770b46bd9edf18f72bbdfaa0b5f7bb34f5e9bc2ef13a3573bd243cbb86059a822027b041de6b516d93e393e5447ddb4581f7cf9575e2a6788804c0c15
SSDEEP

1536:CO6UjOdvDdlQcOgrEChKEEpHQjKsvaFzQ:X6Uj+vDdlXAQGHQjKsb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2559050101000125.exe

Files

2559050101000125.exe
.exe windows:4 windows x86

Password: Visyra1234$

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ