ebf731c5fa302bf8e333be2cb542ae7b[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ebf731c5fa302bf8e333be2cb542ae7b.exe
Size

43KB
MD5

ebf731c5fa302bf8e333be2cb542ae7b
SHA1

db2ab10e715e2c2e08024a637f2028873f3e3ff2
SHA256

2d0b3347283712cd5eb22ba3b504c3647d5477054dbb65190d473b25845a641b
SHA512

6cc0bf2f2a0a37b76166a158a6eb30b7e37730c26ef7c2216e0f7eb6505406b877be87889a5aa404124d7eaf07cde7d0749b0ac940179812d32e0c55874050a9
SSDEEP

768:plkKJqmyXdpu1J2S8NZBVkd/0d5EjRx8HyT0ox12cyzj2ybmIeQHcmWyVG+ufCv:DkSCy1J2SsBWOEjgHyT0cwcPIeQHlWyL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ebf731c5fa302bf8e333be2cb542ae7b.exe

Files

ebf731c5fa302bf8e333be2cb542ae7b.exe
.exe windows:5 windows x86 arch:x86

fadff06f4d841e64dee58a5ee801aa72

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
GetModuleHandleA
FindResourceA
LoadResource
LockResource
SizeofResource
GetModuleFileNameA
ExitProcess
GetTickCount
CreateThread
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsProcessorFeaturePresent

user32

SystemParametersInfoA

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 298B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ