file[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file.exe
Size

720KB
MD5

61d0ff8c549cb36137219f3b0c715c11
SHA1

87472ae18636a65f733e398619e2a9e01f259c76
SHA256

02f459b511e5135137e80a5e99130d8d30b4aadb446e85d1b8290eb6d240283e
SHA512

36d921d840b22f9338ec6b395e53279a15c208e6f2a0d0f0785b2ff65cf8d9ec38a1fbc60cd1d8692c1f0d77bbde0e01b4a45e737926bde8654488f58c662344
SSDEEP

12288:AhhDhagHCN1QPdKUP3x2AXXMj0CZBZ6lMpDe63Hjz2U0Ako/A8zth4xFRvdJCVh:WhDhagq1AfXS0CzgeayH32U0AkoI+Ix2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
file.exe

Files

file.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 696KB - Virtual size: 693KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ