file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

12.6MB
MD5

20009748979c975dd9ac25f6b977b190
SHA1

e07073c6841dfc24cbce2bea89bdff4b012556c6
SHA256

4d51e1dc59c149003604bbd8ddaa425ef767789c19e2d3d3d7db2b4e530f8b4a
SHA512

0148cfd22dfcc219e83e12d644c767e7716efcc26387a548a7e1c916cc9e78af9ac2f38f92977246658640b76c0a4efae0998c296c7ef7b5a9b2870e87fef8b9
SSDEEP

393216:OyUVL777zqBFJyR5tqgtXdFGX0OV0bGWwJ:OyUVL777zqBFJyR5tqgkXh3Ww

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12.6MB - Virtual size: 12.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ