b8d08cfd32f660343a9f9a5d26fa466dbd194f60788f3f6e72de8c6f5e14be9a | Triage

Sharing

General

Target

b8d08cfd32f660343a9f9a5d26fa466dbd194f60788f3f6e72de8c6f5e14be9a
Size

3.1MB
MD5

11d020f32c123700a8ef1fad3bd46c1b
SHA1

ad1cdcf78b2b791d73981ab994fbc33164460232
SHA256

b8d08cfd32f660343a9f9a5d26fa466dbd194f60788f3f6e72de8c6f5e14be9a
SHA512

1c541642f50b29288ff14d72115bdbca59b0460b45b2a22165e4b6c55cca4620c4da8a42b2b54f9a3bc36ddd894e406b13b035b036cb1a758ed2ab7c96fb8827
SSDEEP

98304:QjG9Dp/AmH3qQGyZDChtWGv/IrIySTm7yn3:Q01t8PorRSCo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8d08cfd32f660343a9f9a5d26fa466dbd194f60788f3f6e72de8c6f5e14be9a

Files

b8d08cfd32f660343a9f9a5d26fa466dbd194f60788f3f6e72de8c6f5e14be9a
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\OLD_W7\SIO\2303G\Windows\Project\01.HidSdk\Ti_TMP112x\ReadTemperature20210121\Release\T_data_logger.pdb

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 344KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE