fa9d5f0e408a132aa981df0b045584a154c348ec650a6bc44d3a8e676c41ee32[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa9d5f0e408a132aa981df0b045584a154c348ec650a6bc44d3a8e676c41ee32.exe
Size

138KB
MD5

37dfa0952a005635ed0e61d02bc14819
SHA1

7f92b2d36166c04d477d1ac7d167bbac4e239373
SHA256

fa9d5f0e408a132aa981df0b045584a154c348ec650a6bc44d3a8e676c41ee32
SHA512

149f920e5b0e2465db59e50fce48b465debbcb05ec97e70bbfd055318c13bd929ec0ed59b3dfc354c6ee7b83206ade08f61cff91e2becd9ba998f83221e9e63b
SSDEEP

384:Ss99x/OqfsaNL7DylH6jEjw4XwZPeS5zslRH6Px/OqfsaNL7DylH6jEjw4XwZPeN:JDxLRmJp0zslRExLRmJp0zslRT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa9d5f0e408a132aa981df0b045584a154c348ec650a6bc44d3a8e676c41ee32.exe

Files

fa9d5f0e408a132aa981df0b045584a154c348ec650a6bc44d3a8e676c41ee32.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\AllInWork\branches\QingDao\AllIn.QingDao_CIIC\Allin.Launcher\obj\Debug\社保士兵-青岛版.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ