H2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

H2.exe
Size

15KB
MD5

aff4670aaffd6e3335879b4f3c70f109
SHA1

7c85f21ab609c4a6c935d56303733d6882bffe5c
SHA256

1f9842627fe0e1605f2b90c3125b1ab93deed7cdbc979d6c5cdcbe73682da585
SHA512

29533ab051894601ebcfcefd5b112ab788a68e05d122b31538beadff9594c7da3b74261d50e3d4902c47a6cebdeff4a5897c05ea1bd8d0a0d7f6ac7959a32145
SSDEEP

192:8cL6WGugf7GgajxgU+uXK64f/KJ6enLc0AAULZUDqE2dBYknzKqLuVxVtJ9v:8cOrU+yXkiPLW7LZ7EaCxV79

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
H2.exe

Files

H2.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\aiden\RiderProjects\H2\H2\obj\Debug\H2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ