4b7a64a5def3c8e7a393089e5beb2b64dfb2107a862a4f2915b47b21dd646c3f[.]exe | Triage

Sharing

General

Target

4b7a64a5def3c8e7a393089e5beb2b64dfb2107a862a4f2915b47b21dd646c3f.exe
Size

217KB
MD5

383a37514fd7d0e9bd523c0a100bcbfc
SHA1

9ebf7366f6ea7d385f4c96591167dbb1b9c33d1d
SHA256

4b7a64a5def3c8e7a393089e5beb2b64dfb2107a862a4f2915b47b21dd646c3f
SHA512

1d44e12aa7250d17f88c1a99d03be2c54d2e2fb925f63da165c23dde4fecb861340dbbde83cc865598efb5208b48df63241f0c06ff3b6bb89e438fe42009c90b
SSDEEP

1536:VZAL2fCok9D6N7OTc6FSD28SCO6OcxuZbKygJjNeI9HM02cGwZ/wPhGsBVs:VQ2OON6I6oSj6dM0wk/wPhGsBVs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4b7a64a5def3c8e7a393089e5beb2b64dfb2107a862a4f2915b47b21dd646c3f.exe

Files

4b7a64a5def3c8e7a393089e5beb2b64dfb2107a862a4f2915b47b21dd646c3f.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\users\cli\documents\visual studio 2012\Projects\WindowsApplication5\WindowsApplication5\obj\Debug\WindowsApplication5.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 182KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ