c018bc9508e1d4e31c3352aa919bca42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c018bc9508e1d4e31c3352aa919bca42
Size

31KB
MD5

c018bc9508e1d4e31c3352aa919bca42
SHA1

d14886f9b378f78c1d82f049cc333e4b44232bfc
SHA256

b64061a341b6d0849c250d33fee9ff4f8f80f753432f7d6f44e35cfce399d09d
SHA512

f1c120bfed8920de1f92d4d7675dbc3fedf891411809854ef43460dc87f8c190c46bed98e8014af6695099dab4b5765dec8817ac9b295d5362f443add6e68f0f
SSDEEP

768:5GHuvUw+F9ACZsiBqzFea3zhloLKfjpdmz:5Gu8nF9Yyqxeszhlos4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c018bc9508e1d4e31c3352aa919bca42

Files

c018bc9508e1d4e31c3352aa919bca42
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\itadmin.VRNSLAB\Desktop\CVE-2021-36934\obj\Release\CVE-2021-36934.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ