BSidesMTL_Malware_Workshop[.]exe | Triage

Sharing

General

Target

BSidesMTL_Malware_Workshop.exe
Size

336KB
MD5

01bfa5421b6af138ecd0908205477e34
SHA1

909c7e9729227c62f53dc72bee935db272ed07de
SHA256

63d79c58f5f636bcee07625b57568865e107de366e413604eda07e5faf199b02
SHA512

f198c72337a5df462953c76279da3ea3603967299acb42205968855150813df08ecef3cc5cba56c9704d2ed327859f404ac0b313e232d3385e01cc5ea8644306
SSDEEP

6144:8FRFk4BodwktG9LMrVoVGDOH9iF1E2YCaSqAfhDEAmg+:8FB0e9Lm6V/H9qE2YChqMREAmD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
BSidesMTL_Malware_Workshop.exe

Files

BSidesMTL_Malware_Workshop.exe
.exe windows:6 windows x86

f7ea630da30417f257bdb9fe2f1a989e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
GetProcAddress
LoadLibraryA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 712B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 460B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 331KB - Virtual size: 331KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ