97015e341011495f480e66e5316ed3dafba6c1ba6d695e841ce3bed7a655ff65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97015e341011495f480e66e5316ed3dafba6c1ba6d695e841ce3bed7a655ff65
Size

3.9MB
MD5

b1f7e4ed472f2ab2d451d3a5f61e1dff
SHA1

85a1dc4cdc499ee0f4d5874e229b4a8021cdd10d
SHA256

97015e341011495f480e66e5316ed3dafba6c1ba6d695e841ce3bed7a655ff65
SHA512

8619938b5d3c4f5092fb600d980e75d35bba3d9160e3adbc1503aefe6694c4fb6a4543fc63bea80ba23ff1a96915152c99e2892d76f4412796239d1694e0c7d4
SSDEEP

49152:u7pkSx8+3r6ufIxSsvPf16kKxufwqMeQ1XVJdsuO:u7pXx8+7xfIxSsvPf16vIfwZXvPO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97015e341011495f480e66e5316ed3dafba6c1ba6d695e841ce3bed7a655ff65

Files

97015e341011495f480e66e5316ed3dafba6c1ba6d695e841ce3bed7a655ff65
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\NEW_PETC_2_NO_CEC\NEW ITPETC\obj\Debug\GreenFrog.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ