PO46723[.]exe | Triage

Sharing

General

Target

PO46723.exe
Size

510KB
MD5

3426dbb2593839db1c884ae8aa747111
SHA1

6ff07e2124f761d23039c667101915f8c54fd836
SHA256

000dd50b2f3df84aa499e38e8a88994b92c14556c517cd26237eacede1130c3b
SHA512

0527f153c7bfc01a2a0e85f3231f9840809f708b965fbced2fb1be1515d6aad4ee384262a90cd5eba0f28b5f79ad7c8f5e1f15ce25d420784031d20b4e3e20ce
SSDEEP

12288:+J3IU8S6eUdQv69QFG6wxFOl4DIzXWBNoml4tcYEIOF6mFbmW:+hItSAdk64fo6X6l0EzF6c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO46723.exe

Files

PO46723.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 490KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ