0fc4a7395b23021a279ec5b8e546ae34a3da5fb5662b129c5e31980dee87f06d | Triage

Sharing

General

Target

0fc4a7395b23021a279ec5b8e546ae34a3da5fb5662b129c5e31980dee87f06d
Size

4.6MB
MD5

b50b68d7eecf3f0d26e18915e73f7992
SHA1

5ba811b40d02876f13d5db74ed771850c86056c6
SHA256

0fc4a7395b23021a279ec5b8e546ae34a3da5fb5662b129c5e31980dee87f06d
SHA512

47bfcedc54584a3c161cf4ad6c64e67cc307ee4d4f311e1234d93a776eda05c8244129297c13e953811c24e847bf5fe68cfb480cd7d1efbf3003734b44b82921
SSDEEP

98304:fFMlp4ybymzH1DV0bK2tSp5i3W+YtCInzaXNE4lhLXB3cfwAFerXvnjgwME4fjgo:tMlp1bjzHhVfG8IXcCc4NEWhLx3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fc4a7395b23021a279ec5b8e546ae34a3da5fb5662b129c5e31980dee87f06d

Files

0fc4a7395b23021a279ec5b8e546ae34a3da5fb5662b129c5e31980dee87f06d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\Users\Lee\Documents\Visual Studio 2013\Projects\PPPwn - Copy - Copy\PPPwn\obj\Debug\PPPwn.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.>I}
Size: - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.k5V
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ww`
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ