file[.]exe | Triage

Sharing

General

Target

file.exe
Size

3.9MB
MD5

922e83e52f23027ae00d4ef9294d71dd
SHA1

9668d375b80f244cfc1f340188e546485b40de29
SHA256

a809b6ffd9241ec430d4ab5c866566365b642a9e553f811cbf5f3dc5acdd0ce5
SHA512

8919e88a0c9510f1c75dad67ac5cd2d51b2b5d53b911a640e33eff4725a2a13457d09e25e5e0f66b74da2b3259c161b48b8a62ab3d4242096fce69e827e52a8a
SSDEEP

98304:+YGMTbZifvqUHjvdmdUZNjXbdXuJvCqtiQ6ovaMO9f:bG2wvZVG2NdXyCqZBvQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ