e34fa1663286d5e6edd5e77b79fa9171184e5fb22f94d3762e05d7a1748ccad6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e34fa1663286d5e6edd5e77b79fa9171184e5fb22f94d3762e05d7a1748ccad6
Size

951KB
MD5

8510b6caabb96d3ac1a8ea31dc96e0b6
SHA1

ee6d332f8c635890f12d5cdab8a2660fdc500284
SHA256

e34fa1663286d5e6edd5e77b79fa9171184e5fb22f94d3762e05d7a1748ccad6
SHA512

ebef44365dc49c52a3fc8f78c38c0f07bda1f863eac05f80261f846a56afbb61b4b1eb6752e97285571080056962cd05aae43cd6e2d0decb09db57c348102653
SSDEEP

12288:y7p8scw3hjj/Ajj/ujj/ujj/1oyt/Jsgm5J3xkosjj/:FOjj/Ajj/ujj/ujj/20zCJ3xkljj/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e34fa1663286d5e6edd5e77b79fa9171184e5fb22f94d3762e05d7a1748ccad6

Files

e34fa1663286d5e6edd5e77b79fa9171184e5fb22f94d3762e05d7a1748ccad6
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Eddie Valentine\source\repos\sfConfig Updater (EA)\bin\Release\obfuscated\sfConfig Updater.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 883KB - Virtual size: 882KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ