a1f8a502541b24e9b3933a459b95d69a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1f8a502541b24e9b3933a459b95d69a
Size

20KB
MD5

a1f8a502541b24e9b3933a459b95d69a
SHA1

ee83f58d561666161430ef67d8f5bbc5de768347
SHA256

50d118fcad2b2eb2442bb955d5c6c72fe7bb64bb16f3ce8e224ff19830a5ed77
SHA512

b7b8296d88d0528e455df5a586f561fa136701f2db42c1ae7b291656f95622574b48777cab7f613b164fceb4e5b1a0c6fe36df7eed3f6175bf71d05b1a166d36
SSDEEP

384:gfkqoEwCMoRQ/Wr0+ZaFIWZyJLk24jXPlra3XECn53ts1cMGF:tq7pvRxAXNA2XPA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a1f8a502541b24e9b3933a459b95d69a

Files

a1f8a502541b24e9b3933a459b95d69a
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\bart\AppData\Local\Temporary Projects\WindowsApplication1\obj\x86\Debug\WindowsApplication1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ