02e873afaae81b9e6591dc78ac3b4d993e2f0b8dd9c4338de67d992c22ed8ccd[.]exe | Triage

Sharing

General

Target

02e873afaae81b9e6591dc78ac3b4d993e2f0b8dd9c4338de67d992c22ed8ccd.exe
Size

118KB
MD5

e9dd3265466628091538ed6c47f530af
SHA1

d5d3724c134aa5e13a151756dc2352a9ed9c4510
SHA256

02e873afaae81b9e6591dc78ac3b4d993e2f0b8dd9c4338de67d992c22ed8ccd
SHA512

9be266c16a71a122cb1738e18c475d27734231103afd19c00a5ffb8b6c5c7120dc1e3f0ad7b581da5acae52a5b4decc3b9329c2602cf3c83221a7eab8bd9d679
SSDEEP

3072:7bn5D+Ur6YcuB5xpfaWmViNuL5qgIAYUEywC99:vn5fr6WzfaWt5gIg9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02e873afaae81b9e6591dc78ac3b4d993e2f0b8dd9c4338de67d992c22ed8ccd.exe

Files

02e873afaae81b9e6591dc78ac3b4d993e2f0b8dd9c4338de67d992c22ed8ccd.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\6r7htksp\obj\Release\NETCrypt.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ