podampl[.]exe | Triage

Resubmissions

21/02/2024, 18:36

240221-w9d86sdg92 8

21/02/2024, 18:29

240221-w416radf67 8

Sharing

Copy URL Twitter E-mail

General

Target

podampl.exe
Size

26KB
MD5

8bb7800c338ff05c6f0a65bdc8423f78
SHA1

bf9d87e1058316024410e6fd2d33348796aef66e
SHA256

eb52aa477329f2795268f7a5d3ffa2dfd8a49bd1d2c62a431061f8d15a664309
SHA512

30ae5f6ecbf9095b725b2951f1f7298bb57b172061fc205d90cb08e378dc52833b0747e7403e1a9fb8368a4a070ddd7409273cd62a1a221157f1233a063ee50d
SSDEEP

768:TuVMQLTr19XnAF/Oyc+i7YSipe6j3zTV7Ac11:Tk9+iMSijjh7AA1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
podampl.exe

Files

podampl.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ