Client[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Client.exe
Size

156KB
MD5

b72f8aaf6407fa2aa3c3049d923a08d5
SHA1

32f68f329e53846f198a6f3d2b65e7153c08c892
SHA256

57288df76c1d7d0d913cfcd039f81508fa5466b1825850932d01514a27b56067
SHA512

40d6c53ca0a61dd6403809dd36eeaeb3704797aa3a5b465604e58fd375a0775f7b44707c67e5f9ed3b82d7504231053027e2fd9118b5eb6e3f4e99a018700e56
SSDEEP

3072:mFZPwf/IkzfaceYNqVlqcLeEhfcyjfmEz1H6hPEsERRWb1rW1:mvkzfaVYNAlJ9ftju41HUXO4b

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Client.exe

Files

Client.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

0'Zm,|v
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ACA4A2D4
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ