file[.]exe | Triage

Sharing

General

Target

file.exe
Size

9.9MB
MD5

c7e1a35456fa34722556dd88dea6e5c7
SHA1

8b2a0d2b39945a80ce06e44a78973e0f9b93194c
SHA256

4aa80d6935201d51bc5be593908289cc2e239be14991a5dc6054bb19e7f90c44
SHA512

85273dfec4d40a9f8259c764f1d4c431d60c060e7792b2f8b0498205ebdb225d8a0314fb32f9663d5b30b00385b4e982a2d7ef3f429c317729dc4877b9598e5c
SSDEEP

196608:dqG6fth+H4TaduMIDwAsrzwBiaBYJwQwvk5KTOYTa+tH/+MpZG:gFhgIDwA9BiaBYJwQk8Z+YMpZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ