Client[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Client.exe
Size

163KB
MD5

1c6d2b731a48c344d641406b83fb44b0
SHA1

fce15874a30c7fbdc3d337c7ff8ac9fd4d0e35e4
SHA256

c8bb80b3b9593773bf03cf8e10fcd7ca2fbf213676bb51c9d792384945b0cba0
SHA512

f7e9dace71f64eb2451d36a22030c75819ab57337b94da391f3d0b8f527e02551c6b47de673be3dea0362a1bbf4abfa75bc0e83de2d36c48dfeedb0da88d0adc
SSDEEP

3072:f673LbyAs3THkUu2L9iU+FTZjrmjrAy+DMKWbofV/pV:S7fux/NOT5mXAZDM/bo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Client.exe

Files

Client.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.|k8
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

FBA1CFC0
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ