e833228cf1abc4175c89853c49f41a95c9b9920d4a12d2eeb245cca4c7b9683e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e833228cf1abc4175c89853c49f41a95c9b9920d4a12d2eeb245cca4c7b9683e
Size

368KB
MD5

da048a69f8a9e45039a698a4409aa0e4
SHA1

c048c1ae210df785be67a272baca5fe468cad79b
SHA256

e833228cf1abc4175c89853c49f41a95c9b9920d4a12d2eeb245cca4c7b9683e
SHA512

8ef1cc1897848dac290b19c27212d95ba84b8128532cfe8941ef7aae125d99b6916585743f317ac30326d67820b9375d9704062a827de7d64748c2fea5cf0ee7
SSDEEP

6144:TaZ43Vc0WVUxOUB5sX6zWf0G+TP/XXVeXC8X3cO9bOXX3zxB:TaZ43bGOPxB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e833228cf1abc4175c89853c49f41a95c9b9920d4a12d2eeb245cca4c7b9683e

Files

e833228cf1abc4175c89853c49f41a95c9b9920d4a12d2eeb245cca4c7b9683e
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\projects\2020 Products and Versions\PoshExeHostCmdV5\PoshExeHostCmd\obj\x64\Release\PoshExeHostCmdV5.pdb

Sections

.text
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 313KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ