c0a7a797f39b509fd2d895b5731e79b57b350b85b20be5a51c0a1bda19321bd0 | Triage

Sharing

General

Target

c0a7a797f39b509fd2d895b5731e79b57b350b85b20be5a51c0a1bda19321bd0
Size

17KB
MD5

31eb70dc11af05ec4d5cda652396970c
SHA1

2aee1f5306e38d080d16a96b6c23895ffc6ee2fc
SHA256

c0a7a797f39b509fd2d895b5731e79b57b350b85b20be5a51c0a1bda19321bd0
SHA512

a0a0daf86dc8c93a5bafabc6d2071f4c7c54f5a7504665784bf2713a8f43ef809684a638c1ce7885af8b7da779af514c32f7022c07cc02e30154949daa6d8c9d
SSDEEP

384:roOvdiW1r56eepTYYmz5v+QZ3ENfK1SVqxd44VgW5:9se5GdhtWR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0a7a797f39b509fd2d895b5731e79b57b350b85b20be5a51c0a1bda19321bd0

Files

c0a7a797f39b509fd2d895b5731e79b57b350b85b20be5a51c0a1bda19321bd0
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

Z:\predator\SpoolFool\SpoolFool\obj\Release\SpoolFool.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ