d9a6afcf1f17010c8432b8725d77eececa4d8fdfbebf3eeaf8d1d2d31f9bd9e9[.]exe | Triage

Sharing

General

Target

d9a6afcf1f17010c8432b8725d77eececa4d8fdfbebf3eeaf8d1d2d31f9bd9e9.exe
Size

535KB
MD5

873d3f98aa31a6d5802e2033bbfa8ce3
SHA1

1692b76af4b21f6c5e6fba7c54baf7fdc4e5d1f9
SHA256

d9a6afcf1f17010c8432b8725d77eececa4d8fdfbebf3eeaf8d1d2d31f9bd9e9
SHA512

05f0955e79f226707269689232f938b2af5d509918ce34d6d6b3c36ee63490551d443918f456705dbe15be5c9dbb87bc7e9e4b1ea663741ae660153c2cad8022
SSDEEP

12288:VvDZzYGzVAGLfOa9QpJIGzVAGLfO2GoVAGLrS:kGpAGLffQpJIGpAGLfnGKAGLr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9a6afcf1f17010c8432b8725d77eececa4d8fdfbebf3eeaf8d1d2d31f9bd9e9.exe

Files

d9a6afcf1f17010c8432b8725d77eececa4d8fdfbebf3eeaf8d1d2d31f9bd9e9.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\OneDrive\OneDrive - Haley Consulting, LLC\Projects\Client\TCC\FPDesktop\obj\Debug\FPDesktop.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 429KB - Virtual size: 429KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ