787b539e74a62d7eac1febacd0f776c3483c327480476b249e09cfdc33207151 | Triage

Sharing

General

Target

787b539e74a62d7eac1febacd0f776c3483c327480476b249e09cfdc33207151
Size

1.1MB
MD5

6446b86be5c213e8486fdec19d30cd15
SHA1

a1712700e6f649045826477dbb1e3f34cec938ec
SHA256

787b539e74a62d7eac1febacd0f776c3483c327480476b249e09cfdc33207151
SHA512

21a6ff070e297fd3e01382f101164ae82b0067c87ad3aba17fb4b389e8dbd56df35b4dab1fb2af9f43b7980e047e71a413ebac3c4ecc19f4f54676f98fcb042c
SSDEEP

12288:xANOU4Kmd6i0xRHh8LQhmfHEW5qse04g2QXplYajJuv2Lsf3cvthDbqRu:xAzmd69Vh8LQh+5q4RhlYajJdLsf3cr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
787b539e74a62d7eac1febacd0f776c3483c327480476b249e09cfdc33207151

Files

787b539e74a62d7eac1febacd0f776c3483c327480476b249e09cfdc33207151
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\THS-DEV\Demo\朱國嚴\THS.MES.MPM\THS.MES.MPM.UI\obj\Debug\THS.MES.MPM.UI.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ