cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52
Size

2.4MB
MD5

0cdd8f3246cd482465cb82b6fc4b367f
SHA1

4fe9107fd47b3210a5466072c8384af6eee459df
SHA256

cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52
SHA512

7636ca5e0c1b97ed3be9e103d273941fda0e26e4d97569d04df76421693b493fb266b8e9c0baf13b8e17bd5540369d369af7555f446aa59d82c3a8878d85752e
SSDEEP

49152:w/////////3/5////lsbWH2nEmdWyS7gE/3////3/3hybxYM9/6UYR00:w/////////3/5////lYdWLr/3////3/E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52

Files

cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Demornay du Toit\Documents\Visual Studio 2012\Projects\Release\obj\x86\Release\Genesis I.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ