044667fff55dbe45953a9d21189a230b8aa4f364ed88823df74409f1cc8dddf7 | Triage

Sharing

General

Target

044667fff55dbe45953a9d21189a230b8aa4f364ed88823df74409f1cc8dddf7
Size

375KB
MD5

54f4d502752407d17f7972d94abc1a96
SHA1

0dfb278cf9a2ecff444c2b6f840cc915bf77b2cb
SHA256

044667fff55dbe45953a9d21189a230b8aa4f364ed88823df74409f1cc8dddf7
SHA512

bcd24b64bce70a683003ae7150f21aca02ad210ed5c5e6dd1d550f72ec9e0e7828bc019d7160b5f9d1b4e75d40cf3294eb0575271c9a42ae299e8070deb8918a
SSDEEP

6144:DsySftEiFItyn/9It98tJr5FHa0hiuPLt70Kpl:4dEiLVFa0hNLSMl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044667fff55dbe45953a9d21189a230b8aa4f364ed88823df74409f1cc8dddf7

Files

044667fff55dbe45953a9d21189a230b8aa4f364ed88823df74409f1cc8dddf7
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\rthieman\Desktop\Projects\C#\solutions\primarch\primarch\obj\x86\Debug\primarch.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ