5d5726bedbb392252348f4d77993543bdf28aed67cbc99f2609797e94f7b88e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d5726bedbb392252348f4d77993543bdf28aed67cbc99f2609797e94f7b88e1
Size

387KB
MD5

4ba8d81200ab7b52b0a5ec7a50bbc6fb
SHA1

659f46a7bc863dea59e04151271fb7ff37bfa1da
SHA256

5d5726bedbb392252348f4d77993543bdf28aed67cbc99f2609797e94f7b88e1
SHA512

bfb75bca467faea4a9472309c5bd42ad137b0f75ffd74d47a9ab5350aba0ed105615183747a990b3207b281adf5e73905d961b8030353472a2e95113b8e4e55a
SSDEEP

768:yQq6crghB7wgts30Z6D4WTKcS81kimOklt+:y56crARwYZZ6qcn1kimtlt+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d5726bedbb392252348f4d77993543bdf28aed67cbc99f2609797e94f7b88e1

Files

5d5726bedbb392252348f4d77993543bdf28aed67cbc99f2609797e94f7b88e1
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\GitHub\NemonicBasicWindows\Application\Nemonic.AMPV\obj\Release\Nemonic.AMPV.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 384KB - Virtual size: 384KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ