samples[.]img | Triage

Sharing

General

Target

samples.img
Size

1.3MB
MD5

0e3a530d7797bed9543b5ef0942ff274
SHA1

fc479172a946af2c42fdfac37317515f3aa6d49a
SHA256

f30ba0f23a0f23c081e138b3c62f9ecdf64dd117b590ffa25f901716a2c2c138
SHA512

394a3603ea7c2c43bcc9fc7e9f43cd00ca186c1cd7989a853bb2ea295e776794163e9e4cfe4dcebb1f43e25c9f759a4ed53e5f924f5793665417af0eee0064c8
SSDEEP

12288:krfXXHjivz4mL/ybmDw1IwjfkM8aCDwjU3qhiqxjExqMHDFACuvFd:krfDiyaDw+yMMdC2U6Dw4sDF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/samples.exe

Files

samples.img
.iso
out.iso
.iso
samples.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 777KB - Virtual size: 777KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ