demurrage1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

demurrage1.exe
Size

696KB
MD5

579da73fc5a6994608d5fba1c51b5885
SHA1

cb0b6df5089bc8f06ad51c7745b1421b01721545
SHA256

f9743731cc0fd40863f11c5c6568f9412a5c3df75a3628a6df275b70b95afe08
SHA512

5f7d0210f470b4d297721cecdf66d14db47bc7455b8308c4ec2cae58d0792555c75be58cb80ef3ab6ab7626c77cce7ae4d517d94e9f127f47a220c3205ac88ae
SSDEEP

12288:mhEQyT++LZ44IMERh8pnpJHvCqXi2TCY7FbxmqASfXq58i:iZyK+6h8XJPNX7CY7uSfw8i

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
demurrage1.exe

Files

demurrage1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 678KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ