shenheCenter40[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

shenheCenter40.exe
Size

1.3MB
MD5

8e7cc5668a93278fc77a3e4641e194fd
SHA1

bfdd5f3b81a07ad4f5e88d140babc7a4d46deeb4
SHA256

75a7bd5a95852bad570b00b9d81a5db14fd37277a79ab1ba7277c0c8bde51e42
SHA512

42f9100b5df9399dcd5a7ade9df78bed65d14d4be2830098abcc45b000736724890344707cb9edce6df2fdb2f8fd6df1a38f886eed328c796993d2e1b6b4f115
SSDEEP

24576:wHchXdN37Pppadm4jgW+0mt5jYhYHsHR44bURRbvd1vx6j:Ichj7Sdm4MW25cxaRRbPvg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
shenheCenter40.exe

Files

shenheCenter40.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\WorkeERP\shenheCenter\obj\x86\Release\shenheCenter.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 884KB - Virtual size: 884KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ