4110f7ebc82cbddce7eb94e3ca852d506bc45a5d0c2f40d85331e26307e5fcd8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4110f7ebc82cbddce7eb94e3ca852d506bc45a5d0c2f40d85331e26307e5fcd8
Size

118KB
MD5

da42eca91ba40868333fd74aa5f668b1
SHA1

db3d7667335e39568bc20789fcd92542e50f017d
SHA256

4110f7ebc82cbddce7eb94e3ca852d506bc45a5d0c2f40d85331e26307e5fcd8
SHA512

48ef2afb0584e7da041bb4c6000faa5d6ed086e2e260d1e5148c6beb7cd200bf8436f7d2ff4796fea30b01ffa823a533d734f1158faba804c06bd86b5881d0bc
SSDEEP

3072:bK3MfHNsCI+W2ap0cODRd/A8U6enm2/NJ0:bKcfHNsCbVap0cuRd/0P/L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4110f7ebc82cbddce7eb94e3ca852d506bc45a5d0c2f40d85331e26307e5fcd8

Files

4110f7ebc82cbddce7eb94e3ca852d506bc45a5d0c2f40d85331e26307e5fcd8
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\lqp9txz\obj\Release\NETCrypt.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ