92f143956b9a12540154e290c4e62564 | Triage

Sharing

General

Target

92f143956b9a12540154e290c4e62564
Size

761KB
MD5

92f143956b9a12540154e290c4e62564
SHA1

1fee278385d5b122aed257fafad8438382492dec
SHA256

eba350227560d9ced91f4d3d85758edeca142d387cb2156dc9e169aaa0a4e6c6
SHA512

9dc37a30a62757252577fa00dbfc195b99274f8b868a9833a2b46f3b7b1d50c1363d142807b405068d8bdab1cbbc8ec5dca1691f223dc04c3b64c08066d5f3f7
SSDEEP

12288:BMrNIqNDs+RG7Y/ovzi0dSR/qP5OrOEuDAE+GL2QehBLouk3DefG7h:CrNIqNDsK6tvRda/RONAE+M2QebnkQGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

92f143956b9a12540154e290c4e62564

Files

92f143956b9a12540154e290c4e62564
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Primola\Documents\Visual Studio 11\Projects\Old C\Eject\Eject\obj\Release\Eject.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 697KB - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ