WindowsFormsApp4_Robusted[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

WindowsFormsApp4_Robusted.exe
Size

90KB
MD5

4ac6cf5c26bd2364a235d5d4d0d73c8e
SHA1

3f363f65bf8a004fdccdaf8e5dc29ed75326c66d
SHA256

3a073d9c4c5f4cf78bf97bf63d9ac6b5b1222bcbddb19a121850f2e89bc77b18
SHA512

cdd5da9ed5b895bd0517bc70c65b63acbd0855819c59fef01c6d4ad506887e358d28c6cac18958a6ca54711aee0538a6a28b2a3b4b28e2f09d6029264cd0f46c
SSDEEP

1536:RSoT6yuI9fzAVkG+JRIpNHZWglJx237V9HpNxBKcSLzk/CP4i:RSofzAk9SpNHZ3lJkRxpTBYnkoJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
WindowsFormsApp4_Robusted.exe

Files

WindowsFormsApp4_Robusted.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ