159f173c1601fddd2d7817bf3afea28b0104657f871dd5a9e78932d1ec6e795e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

159f173c1601fddd2d7817bf3afea28b0104657f871dd5a9e78932d1ec6e795e
Size

3.4MB
MD5

271fb721b88e515b9848e638178f1c6a
SHA1

6e3c6f878ee16b46e756a598e1b917ae27b171cd
SHA256

159f173c1601fddd2d7817bf3afea28b0104657f871dd5a9e78932d1ec6e795e
SHA512

c59a2fad1ed4ec51417b9ec15a64e1310d0a22d3932e96dd28420fcb7f127e47e7fda40c3f13ddd6aa59430efae29e451e92d96f2a7789173d40b27a2f0f6fb0
SSDEEP

49152:kWAn+mfkrOOYvEkTJkbtr5ZNMGAQqcV6gUerSqi8+rfkqm9+9cPLO:BXYvE6JWd5ZNMG1nV6+rSOWfnm9ycPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
159f173c1601fddd2d7817bf3afea28b0104657f871dd5a9e78932d1ec6e795e

Files

159f173c1601fddd2d7817bf3afea28b0104657f871dd5a9e78932d1ec6e795e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Micrologic Software\LWkiosk3\LWKiosk3\obj\x86\Release\LWKiosk3.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ