de6212c09fb7482d872ed52f84270c0e67cb66abfba042703ebbbb0a785094b6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de6212c09fb7482d872ed52f84270c0e67cb66abfba042703ebbbb0a785094b6
Size

716KB
MD5

746e396f4197e2e7e8ebf7dc67cd8483
SHA1

a5396e31f43a0449b264f3b1fd5326a343223936
SHA256

de6212c09fb7482d872ed52f84270c0e67cb66abfba042703ebbbb0a785094b6
SHA512

182d9a75f948d95efe3d4c6d335b34895a8a92e36f86304c78e5ddfef46439f1841afb407fb6fef0f76f0212deff2d61a37e31e7be46c62c23cfd54893fee27d
SSDEEP

6144:fAppj/PKaSR8ERuAppj/PoaSR8dYdWvSr3c3BCrrtEJErstEJEok:tRC3c3A9reok

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de6212c09fb7482d872ed52f84270c0e67cb66abfba042703ebbbb0a785094b6

Files

de6212c09fb7482d872ed52f84270c0e67cb66abfba042703ebbbb0a785094b6
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Madrat\Desktop\SonToll\Sonnendal StockTake\obj\Release\SonToll-StockTake.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 684KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ