5954e2952d7a0dc28a7f2cebec1734a289d67af87788a8c4797d4d60ac8fc042[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5954e2952d7a0dc28a7f2cebec1734a289d67af87788a8c4797d4d60ac8fc042.exe
Size

242KB
MD5

d9306a829af2f917befa3064efac8fdd
SHA1

9a18a531849483d3b07f29d045c61c568e3a7a66
SHA256

5954e2952d7a0dc28a7f2cebec1734a289d67af87788a8c4797d4d60ac8fc042
SHA512

414f311f17387d9a558491e61471d279f8503054c3a7b042203103d14266eeb17bb361fc955f83ac3ea9d22258d1cc35d7a469f34125b7dca4ea755054016976
SSDEEP

6144:ARuZtC5oUtUE4+CF+RLYVp4XDrDqOhb4D2yyxFRX1VHla5Qj8nPmxTCzI:ARuZtC5oxqTeVp4pGwHRX45Qj8nPmxTT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5954e2952d7a0dc28a7f2cebec1734a289d67af87788a8c4797d4d60ac8fc042.exe

Files

5954e2952d7a0dc28a7f2cebec1734a289d67af87788a8c4797d4d60ac8fc042.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

[*<
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ