Confirm!![.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Confirm!!.exe
Size

831KB
MD5

a5d8e292694beac904ad6e84bc98ba32
SHA1

3594d799f68699420e21ef12769872c4dd8721ac
SHA256

64d39c5ca1acfee70e9e783ae33212a0f271ba323077a7c2b0a135706e3e37c0
SHA512

83b4ce08d506df25fdd50bcabd4c19c2c5166de96393a50698b4a7da55781433fb7c4fbfbdcdad44bd7dd2ba22c89247e98914af758b0909ef98d156e95a4ebd
SSDEEP

24576:BlrtD/61g2k70PDeVxZqytEXhF9uXgoTydXQ:R6rk707c5yXhF9/Ey

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Confirm!!.exe

Files

Confirm!!.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 737KB - Virtual size: 737KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ