Quotation for API 5L GR B ERW[.]exe | Triage

Sharing

General

Target

Quotation for API 5L GR B ERW.exe
Size

612KB
MD5

4891cfcacc4e6d1ce89a5cf2fe397eba
SHA1

f528d7deb11fea16ff4dfd6d51d6da45444d6718
SHA256

d37b94cc6dbda1ab0be4125b9399716800149a27665acc13b62f62d9a5d29334
SHA512

f0c3c0d1af3048053c7351c5d51cf7a386040dba3408966aa59b84974266474b68376a154fa2ca35a250d201ee51800521e64ee40e8cc955dccb9979e4a87d8f
SSDEEP

12288:TM725oTPEdBEwp9Wipjh36VX1l3T1/y4pSFiFiQVHV7V1DFzw5UY:TfycV9WipjV6B1xTByhrQxzw+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Quotation for API 5L GR B ERW.exe

Files

Quotation for API 5L GR B ERW.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 603KB - Virtual size: 603KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ