789c619ec9a5d1fe68b52469d5e3f850 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

789c619ec9a5d1fe68b52469d5e3f850
Size

10KB
MD5

789c619ec9a5d1fe68b52469d5e3f850
SHA1

17aaa37187e9eae125773a947d3e3d38e7b70faf
SHA256

e517dbcea6ffdc9ac2bdcae3e42ee06fe7794d474e6e930d249be1cdc9f499d1
SHA512

1c06320e813eeda29d7680866e08c42754a99108d4abc318094901eee3e8a634ebcf1f95859951c0f9a2334ec703182f2053c895bcb7844b73a558d931585add
SSDEEP

192:xGS5TTbqsc+k898b8aCudAP59BqVFfwx+F+dk57kZgUR8Vx/o3oAnoDoY:xGSdTb7cHZbZU59BqVFfwxqB57keZTqm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
789c619ec9a5d1fe68b52469d5e3f850

Files

789c619ec9a5d1fe68b52469d5e3f850
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

\\192.168.49.80\visualstudio\Process_Injection_With_Low_Level_APIs_NTCreateSection\Process_Injection_With_Low_Level_APIs_NTCreateSection\obj\x64\Release\Process_Injection_With_Low_Level_APIs_NTCreateSection.pdb

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ