9cbb14fc487a4d89fb227cf854a44de89e9f205ae6944aeca5ac2f8fb1e7b626[.]exe | Triage

Sharing

General

Target

9cbb14fc487a4d89fb227cf854a44de89e9f205ae6944aeca5ac2f8fb1e7b626.exe
Size

59KB
MD5

62d76000dcffab737f80e6c278483080
SHA1

55e2a2d60cb3a8c741af385ef33753a89ff669b9
SHA256

9cbb14fc487a4d89fb227cf854a44de89e9f205ae6944aeca5ac2f8fb1e7b626
SHA512

eaf07f85759dc742dc2f10a63c1b35a10fb805b8509ca7ec313db7eaa03eb80716c26e97924947d0dd73a6783be1a747f535f309cebc63ebb7d2fe5e0b891d91
SSDEEP

768:Tnc0Wyw6BA2WQAFh6hJkJ1izkEyhlGOUKYfQ60zTHV9Im7RCf/sWhNje6Di2fUCB:Tc05PAE0vMfEzT3Im7I3sWhNjbSm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9cbb14fc487a4d89fb227cf854a44de89e9f205ae6944aeca5ac2f8fb1e7b626.exe

Files

9cbb14fc487a4d89fb227cf854a44de89e9f205ae6944aeca5ac2f8fb1e7b626.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Rehm.ViCon.Service.Plugin.Profiling.Contracts.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ