PO TKHA-A8816001[.]exe | Triage

Sharing

General

Target

PO TKHA-A8816001.exe
Size

782KB
MD5

0a714b10c9d1770ba23576cefd65a0f9
SHA1

8d74d1d2ffd443fd6cee3078ffab3411305d5cf7
SHA256

d3e71a337d58b6ae1f49be4a5d89258ce11dc33b86c0a6f3ca93c16170dc500c
SHA512

dc21b5d87498b8b486d69cd4742d092e95a2b68ca03c5e7533520001f3f3695fa0ca4a117fe0f944e9bb14ca4342d5cd9ad4f5570a145eeb91738a64dc3216cb
SSDEEP

12288:GVpBxh4EA1+URy4OD1LtG3vXiB5lFET2XYwjtBbJWx+eyt7qMnFPzi31sbIdkMB6:aw9nOh4vSs8Yszu+5tfPziFsbYkMB6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO TKHA-A8816001.exe

Files

PO TKHA-A8816001.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 780KB - Virtual size: 779KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ