6xjcX3sV8GkRVzB[.]pif[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6xjcX3sV8GkRVzB.pif.exe
Size

755KB
MD5

e01b587a6e16f588ee386a9c89b6990e
SHA1

74693edd1cd19c7fc98a3b4e1b45af0a4ca31b19
SHA256

655bf2b084f93181d47b1ffb31e944da4cd4779a2ce1a17f37286b17684677f6
SHA512

af8a0fddf17698a2a51d1052227470430f550ffe236d401b37296703306b0612831ce9219bc80c600919b3ac09ac055ee0025506f38af828478b9bf8d4a06902
SSDEEP

12288:ohl2iNT/SHY295mtGOQrntiCA79wCav/S4zl+bBUJ9xmIX0T9T3FIf+H5vVDDZRI:oz1cHY2oNQrRx+bBAiT32f+Wg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6xjcX3sV8GkRVzB.pif.exe

Files

6xjcX3sV8GkRVzB.pif.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

RzSSRhl.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 745KB - Virtual size: 744KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ