0001[.]pif[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0001.pif.exe
Size

893KB
MD5

afeb846add958a10881534f1c7432c8d
SHA1

5504b1021721cadbf71f2d5e6ba7f261dbe6ec9c
SHA256

7b62fd54154e6ac5e545c1850a3a4c3a92b28f862e951c1bd36fc57ac5e89b3e
SHA512

3d052a9f6f860ec4a2b62e2cf5291937634742d3c3ce31bb4bc652bbfaf1d1c4f996415878e04de9424e371f1a03fd357c81f14b76c1d4b242940929d78f0857
SSDEEP

24576:5rDhVmQvuh8bshSqkOqdY/xweGkI0NgTKjB:BzPb5+/xwHv0NQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0001.pif.exe

Files

0001.pif.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 890KB - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ