document1[.]exe | Triage

Sharing

General

Target

document1.exe
Size

164KB
MD5

6a4e90565b00a175a7f721785c103b8c
SHA1

7d4ec0780272583e57a2a9ab2546410b65d1815f
SHA256

96716d490f2357faf8ebb019edb959af47c06b94c51a8852b2b15b2cd3022c56
SHA512

1042acdfb6615e5ab1d025f2a6bcc81a0e1f2b42212b34de5f938fd181f92d6bd93ae5b5a6b793131004ec7509e90a59906beb23985621e410aa742f70e3634c
SSDEEP

3072:GCm45J77y4nWfFT0Y9+CRMtFYo5TYDVC3cpD9dBTtB3:G71fGY9OTYDI3EpfTP3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
document1.exe

Files

document1.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ