b864c557c4131578a9685c414003377d | Triage

Sharing

General

Target

b864c557c4131578a9685c414003377d
Size

2.5MB
MD5

b864c557c4131578a9685c414003377d
SHA1

7babee9d4d2925337d365a2b1a74f931f65f9713
SHA256

7991da35eaedb012559937785a75042dffb0112c38ed25d02d61aac3504b8fae
SHA512

0bac75953ed9dbd67656d04316d56be82c1c8db119c5ab1a1d1a5d17a4ea13afd933feb7ca1d97f16d5a18733b6b3ce6035dd992881f9c2cf90cb7c1f7819288
SSDEEP

49152:2jl1ZZdGyoXqeIELvYiCCA8hhsysIKedW8RmkeVWnVYjuc8mjHf:2jhGyo1IovYiCCpPmIVWuS/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b864c557c4131578a9685c414003377d

Files

b864c557c4131578a9685c414003377d
.exe windows:4 windows x86 arch:x86

88381b84da56810b869e897e6d45bd58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\build_area\boxedapp_src\src\boxedappsolution\dotnetappstub\release\DotNetAppStub32.pdb

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

EnumChildWindows

Sections

.text
Size: 512B - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 142B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.main
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ