PO REGSEW4298[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO REGSEW4298.exe
Size

650KB
MD5

6bdbcdd90692eca1f89c9f948ccb6e32
SHA1

128d0b9e5c18c1a8379a7d43feb39177d7096b33
SHA256

e37b7ab55a181fa8e716b4694e85736075ce0d67b7b3aa024d7fcc7f65f1e0fb
SHA512

2a7f0895e545a553b24fb71eb7d84cebed5ea7bb96b4b6ca8bf7558510fe62d8e395380c6f72a29f890b8a931615e985283bd829709c3810f7b6ebcc71e5fabd
SSDEEP

12288:jh1UgTYEn2NvnbsJF/B1ABCGx46Ap74TkO+7wyrJ68yv8:HUcYbkGhxRk7Gf6rJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO REGSEW4298.exe

Files

PO REGSEW4298.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 643KB - Virtual size: 642KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ