Drawing[.]exe | Triage

Sharing

General

Target

Drawing.exe
Size

603KB
MD5

9edfa017d41749f89e3ed03de95be047
SHA1

a4ff313cafc64343ffa7afe7ff03fe9f872ab28a
SHA256

b196af30d4f938648c5c626b0c578d73d7d1c4f09b2228800ca78744bf508c06
SHA512

82c24694b21c70096fc8eb5d8dfedf73b03fc88e12206fc8457585fe60b92e72a94d523ab0dc2f1196ef204f90557f5d5360772fce5264440e657b0e22ece68c
SSDEEP

12288:NtHzPrD6MqJ0yadE1dewjSVbJKKGIQh7/xPM7cNmU6:njDZq6dEKJKrIQh7/oU6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Drawing.exe

Files

Drawing.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 600KB - Virtual size: 600KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ