requests[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

requests.exe
Size

244KB
MD5

489ce342a1b99c14c7b9b7ce73a689b1
SHA1

0e4ca6540e67dc6ee18ec98d99eb6e5e41237fa7
SHA256

23c5fb5a707dd93670e3cd1ff950a15c2a806de793045232c9c8f5da3df57745
SHA512

273c84d378d7a23341bb69a60176f0af5731865e1031d9de1a04486812db06c270cbacbd39c1a4e067355fca41cfe1555797a904d4318a7e731188af0fcf96f5
SSDEEP

6144:9d1x1pnKoY+xIpTw9XelyUxZvqAETzOa:9x1Ioos9uQyv0ua

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
requests.exe

Files

requests.exe
.exe windows:4 windows x86

Password: hhhhhhhhhh

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ