forum[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

forum.exe
Size

10.6MB
MD5

2e21932c63df38eadb8f80e1582cdc04
SHA1

28c2bebec9be4db987a44b7417e1ea16cff76255
SHA256

50351b1ff64cd2e8d799f5153ff853a650e8782c49f241a123c8779ff3fa2a3d
SHA512

64505e7f302e3601619862b58e7b6fa0467df8bb8bebfb9b1c6e4e8f8be0136cea19b520254d7b84421bdf4faefd9afa23a2abaeabedc8a3571bafc68739df87
SSDEEP

196608:OHpBCJtxvd5AcOxz2VfAXyWZborFpiU52yWjs6NjTUWCQTAtg5awnxWagOqHHOt1:aCJtRd5Al2p2orFIyv23UqTyFiccB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
forum.exe

Files

forum.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10.4MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ