Exmip[.]exe | Triage

Sharing

General

Target

Exmip.exe
Size

303KB
MD5

05c5742158cb40afe07e715fb171adcf
SHA1

3ed365cd79b36a6ca50a5d45f4c210b4b6f027d4
SHA256

6e89b0c8f8078991887ba81a7e60b561b71170bef3a2440e3932d6b5293d0a07
SHA512

646b3bfc0340b3372a0aee475cbad92ce44666958bb6e546b8dbc1e12a38ac9fc691bff6225e10a7ada6392067d31c0608929a92f7296b99ec37b3c276f08ce4
SSDEEP

6144:7w1zfkC0CDpPIQuvryFS3Ltp4mZnOous7U4UUU3UUUs9rOA:7wxfkCPKQuToS3zZnBuiU4UUU3UUUca

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Exmip.exe

Files

Exmip.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 243KB - Virtual size: 242KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ