AndonMail[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

AndonMail.exe
Size

337KB
MD5

db0fc9eb94d7fe6bbd0ad76e85c1bc91
SHA1

c8f8ff9aafdf4b8e58a3ff2cc8f8cfa61f7efef3
SHA256

d1601edbb14a2112d53dffb6323eada65a9248021a8d0b49c3888005147d13df
SHA512

96f292856bdb9aaebab6eb72980628ef566fa0ef1a41c562fe53d0992a39756a4f750579d0aa5854016b6a3689d40856222c83ca8553fa97fe363dfdbdbf9ccb
SSDEEP

3072:O0+/N/SxampYkoEqGvp2MTVlRDbtzbDN8SQEl3s4Ai5bdQLf:U/dSQ0aM5DtzR3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
AndonMail.exe

Files

AndonMail.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\Company\Working\shkl\AndonMail上海开利PAC代理+物料呼叫+成品呼叫分系统提示+任务超期提醒+一冷 +Aws +外围设施+邮箱+长交期+发图\AndonMail\obj\x86\Debug\AndonMail.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 330KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ