ungziped_file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ungziped_file.exe
Size

652KB
MD5

7454bc2208e2ce68f4982b2077e0cd4e
SHA1

486e9605e9f67239b784abf19788ff196219b992
SHA256

f594785f5e53cbd721f6d848329765aaca8b3527c79d75eb5cfb013ed7cf7cb1
SHA512

c999040cff204a9c1e2173e0044bc2fc1eec10c07fb514ccf4d49daba5de98c70e841779eba347296bd20d7bd051947eef796df59fbdb1a5e70533a08f830ff0
SSDEEP

12288:3djUU2iNtXfsubWZONLIdSXNV/6HJps8nTEW/gpOz3V:NUU1xiZOudSdV/cPTEW4pA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ungziped_file.exe

Files

ungziped_file.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 649KB - Virtual size: 649KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ