FATURA VE BELGELER[.][.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

FATURA VE BELGELER..exe
Size

942KB
MD5

c62da7a3eac6bae78ea8a771faa65d17
SHA1

302984629aa44746a3e8b832c4fcacabcc585aaa
SHA256

0d5548b7d4696c67dba1d5bb827285ed2d3846fd0ad28140c198ad9c467f1bb0
SHA512

8e534c1e0d80757c9b8d02895f67d0ac46c15dd3f5fd418e4482859c8252f64bc0dff4d436da1af81db37d1593a0430d30562e74a1f8e845b030aa4f421c5add
SSDEEP

12288:MSYxUeoUKT5lmvV9fGRaBeUBSMUkA4zcL4pLou:gz45lmdlIaHBokA1L4j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
FATURA VE BELGELER..exe

Files

FATURA VE BELGELER..exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

HJbl.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 650KB - Virtual size: 649KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 291KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ