6883495abd8aba7aa8add1ca7bef683a9e507d46897d51bc12a2fb406df2179b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6883495abd8aba7aa8add1ca7bef683a9e507d46897d51bc12a2fb406df2179b
Size

2.4MB
MD5

5ac6d243672b55d63fc728d5f6096d8c
SHA1

14cfd98fe5bc6a504b0c0329c16fb85377d55573
SHA256

6883495abd8aba7aa8add1ca7bef683a9e507d46897d51bc12a2fb406df2179b
SHA512

38f59a8658a0f02aab938e99b78d1486b3a411035e393d63cfa14c150e084aa5611bbf50bc0a3512ea4282f1aa8110b4ec89d213d1aa20ff374c6f97b3fd5f7a
SSDEEP

12288:uAkQ93jN3gxd0wf5E3+xDKu0Y4U48QK5vABVcVE1a6gS/O07LmpkVDxSY:dkQZN3G0wf5EO7pQK5vArcVog04Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6883495abd8aba7aa8add1ca7bef683a9e507d46897d51bc12a2fb406df2179b

Files

6883495abd8aba7aa8add1ca7bef683a9e507d46897d51bc12a2fb406df2179b
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Rob\Documents\Visual Studio 2015\Projects\GBVI_Designer\GBVID\obj\Release\GBVID.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ