af800520c5d3537396be51def3eadb422adf32031eae8106037638e6a7dcd3a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af800520c5d3537396be51def3eadb422adf32031eae8106037638e6a7dcd3a7
Size

12KB
MD5

1fe0624417089bcc146a279a9088cff6
SHA1

96bdc893012804f84e9ae75df5a88823e202530d
SHA256

af800520c5d3537396be51def3eadb422adf32031eae8106037638e6a7dcd3a7
SHA512

b125f11110ef555775e02fc592cf21736cc6d4db0e66b8330073e157a6784bddc436b8ee9a08760c7135740bf99a52e41b82fd9aa2a546f8bb9c027021b6a0f5
SSDEEP

384:pL7li/2zgq2DcEQvdQcJKLTp/NK9xaw0:Z0MCQ9cw0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af800520c5d3537396be51def3eadb422adf32031eae8106037638e6a7dcd3a7

Files

af800520c5d3537396be51def3eadb422adf32031eae8106037638e6a7dcd3a7
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ