Vision[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Vision.exe
Size

11KB
MD5

03a313f879acc846733dda7dab474e59
SHA1

62a37965dce30437a5ee2407b07750dea10b5b44
SHA256

b4e3d2a90d6dae3782ffabc8fdd040cf5c5861611a5530147b95a51cae13e04d
SHA512

4e8966ea4736987f5d145202759eb3c00c00c64ad2e04f056f6131fcde4cc45221ac19d26cbd7205d9887a5b41bd2bb78c588591badb03ebafd6e2b7f4d45d20
SSDEEP

192:5q8J3KyvA4KprKGa5KSKEYsahWQk8C8IGYBezZN6JF9v0DBP66sKxTJJ0:5qkKyI4urK5KEY3jCbBqnI9vE7VxTJJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Vision.exe

Files

Vision.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:/Users/pear/pear/pear/pear.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ