5a9ab31953e45d97b36ff4f5c59e913c526348def63c105690bf7a82ec66395e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a9ab31953e45d97b36ff4f5c59e913c526348def63c105690bf7a82ec66395e
Size

5.6MB
MD5

9410759553459ba1d5e19d84c0f75e53
SHA1

88b1a144cd4a4c05e4228bcc7ce23a66213d9027
SHA256

5a9ab31953e45d97b36ff4f5c59e913c526348def63c105690bf7a82ec66395e
SHA512

3c129a2478e6dbe924daced3270c1b688e8407c920dd3cc01e3b7608f9f58fd42bbe402f42284520746b961853a06c8d623aa560dcc8d3b13d682787e8f6f6a5
SSDEEP

98304:4Qt0ilH/lu1dHUtooq6aWS6N/Tkm3CUDSpul:4Qt0ild2co96zP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a9ab31953e45d97b36ff4f5c59e913c526348def63c105690bf7a82ec66395e

Files

5a9ab31953e45d97b36ff4f5c59e913c526348def63c105690bf7a82ec66395e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Source\Trunk_ClientBuild\TalentHook.Application\obj\Release\TalentHook.Application.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.5MB - Virtual size: 5.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ