gfrsdgfdgdfgfdgdfgfdg-protected[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

gfrsdgfdgdfgfdgdfgfdg-protected.exe
Size

1.0MB
MD5

51424477c0e04e1989910350bcec164b
SHA1

d06cb510310160935d86a43368c44674a5c5666b
SHA256

e64b96428cf1044f7c923aad5d32d9d01c81502c189e3f2014f90ff0c3f700ec
SHA512

cc5a5f7a47cc20276a6fcb94ac9fef58034929adf50868186d71314f5302cc245ea0b1e0f89edc6b33eb135bfec89608d96be5ea8ded4ce425d48c9909b1d2cc
SSDEEP

24576:Ju2bo65DcJWhUi5x0P1BKLHgUmxKAetN:rz5sViP0P2bgUlXt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gfrsdgfdgdfgfdgdfgfdg-protected.exe

Files

gfrsdgfdgdfgfdgdfgfdg-protected.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

H*&wI&
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

H*&wI&
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

I3FBEC94
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ