60aa5b93e138249f07c93326f7bd987d4815e270e68385b6a842ff245f947847 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60aa5b93e138249f07c93326f7bd987d4815e270e68385b6a842ff245f947847
Size

66KB
MD5

59ad696a0e267e238a8f39ccb843c909
SHA1

fc07b23d4b87df0e7663d1db0a8515f981949d5f
SHA256

60aa5b93e138249f07c93326f7bd987d4815e270e68385b6a842ff245f947847
SHA512

12dce2610a30d9e6edaf402ed251431f44064920677bb30b0a5063a635c901d83baaa5eb7792666d611eb2a4f267b2fbde194a855b8d471ae941e4a38f640494
SSDEEP

768:4Ih6CTCafsa3d4nYZ3AQXgcCxPDagQErLqXHcFu9u5uk3J0uMD+Xzo8HX:4FCTgnNFcCZDq+kduok5BMOU8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60aa5b93e138249f07c93326f7bd987d4815e270e68385b6a842ff245f947847

Files

60aa5b93e138249f07c93326f7bd987d4815e270e68385b6a842ff245f947847
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\rfrank\Documents\Automation_2.0\vs\RSISetup\obj\Debug\RSIAfwMgrInstaller.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ