AutoWorkplace[.]exe | Triage

Sharing

General

Target

AutoWorkplace.exe
Size

44KB
MD5

6b19e723b10ca6f8669183c3cbdb6a4b
SHA1

935b17a3b80171ff67643d4c9a9f133dac49a0d8
SHA256

80993fe0cf9058bd3149d9bed8f9d69c5ec72d453e54c758612a386c081a3777
SHA512

10b436059064896398774aa0b847d3e25a6789c313dd47dadc3be1f0bbabc588e33951b930462cb862dc6d9b276941407737f6d7d230ea694aa31736bd1aeed8
SSDEEP

768:rWn5k74MInd8d+bEBG90h/fIuRekZnqCNMrpR+nzC3QDy76tiSkqSklg:KO74VndI+wBogouRekRqCNapR8zsQDSd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AutoWorkplace.exe

Files

AutoWorkplace.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ