736af2704b968e52feba802eb695711f5b4ded183d2d520d46b5dc5fde0bf380 | Triage

Sharing

General

Target

736af2704b968e52feba802eb695711f5b4ded183d2d520d46b5dc5fde0bf380
Size

750KB
MD5

6da1bece9404fd8187b4342f4cd94f8c
SHA1

362592dd070e0c6d1661cf2e14636bc76556ba1e
SHA256

736af2704b968e52feba802eb695711f5b4ded183d2d520d46b5dc5fde0bf380
SHA512

4534e560681b7d2043c1778ffdf26ff99d6787d8e7b0c5858948bd6a7941d7cd5a5a713a1c197ae671712cd2508ddece7f9339c5ec3e46c2d0d7a4fc908bd148
SSDEEP

12288:d4d8LpkVaWkrEvx4iHbjKqdzpVwNvIR6D5T/ZJ+qTGYUgkils5BnrUAU1:d1yzxR/KqtQNvIR6Z//

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
736af2704b968e52feba802eb695711f5b4ded183d2d520d46b5dc5fde0bf380

Files

736af2704b968e52feba802eb695711f5b4ded183d2d520d46b5dc5fde0bf380
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\DEAPR\AB\Jenkins\Build\Jenkins2_R_2_6\Platform\Development\Platform\Sources\_AutomationBuilderExecutable\obj\x64\release\AutomationBuilder.pdb

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wibu
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ