bid[.]exe | Triage

Sharing

General

Target

bid.exe
Size

65KB
MD5

dfc805fdc139f70a33e00bcd28d66bc9
SHA1

e7eaaaa5e16b4166c7bb552e6c753ef1c38e6287
SHA256

e6c457b01c6f86ed263b658e2a943150e5db2c0e60a049ab8853be4c27664a76
SHA512

2b90f1f729f036821fefcbbe28bb04be5028c844bc1c90c10c3c14da80f3fcbca96a50c9e2a2ea5303ebc769a5eb522f5542273fbb7258ab030bbadb412d1178
SSDEEP

1536:iyMQ47BUaCjKMbyf6b/PjIDD1oZ1iMPswVcl:i52jKxf6b/PjIv1zMPsqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bid.exe

Files

bid.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\plasma\Downloads\code\code\code\MAINPERM\PrecisionBuildOne\obj\Debug\PrecisionBuildOne.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ