Confirmation!![.]exe | Triage

Sharing

General

Target

Confirmation!!.exe
Size

646KB
MD5

14b113f3a81cb3d3e896601fe247c31c
SHA1

5021223cb23d9a5d5598b2438ee08194d42edaf2
SHA256

1e6327a5456f3aac77ec28cc80c9f9f8cff8a157a25a8a2f597764dcbccce3ea
SHA512

96d6f8bd5135f9ad38e6042f3bdd30bbe08c877a779dcfbc8b7f5e0c4a142f8826ffc97ff0ee25d1863a380252ada31885217db6e0f89c3b19fb4acc9b2aa981
SSDEEP

12288:07AFnSTJ0TmqUmY/G6C7PgSMuE/5pTsKc/Q8VwNUmVGS:MqSTJ0TmrmY/VCB21C/Q8S3VGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Confirmation!!.exe

Files

Confirmation!!.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ