SiwaV1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SiwaV1.exe
Size

406KB
MD5

51ebab2ffc49a698920f146ac894b0e3
SHA1

ad909737996a593ea7c274b1cfb909fe0e2394d9
SHA256

fca428cfcd8005d5504f23264784f5cbdf425a1c02282abe31fd326a074d0fdc
SHA512

e25898a2e3b91da3c64411d979e373287f214d52041a614dca314c2af4e20f47143c718e1fe6dfca56c7b4adc6e8dafc19c44e0cdedee5d80b92fe8eeedc1030
SSDEEP

12288:XaPJnO73nSYZwCL+OGRxT2jsbAbGUevs/X0YXPtxssjbWDpObkp6ALnMG6V2gwGx:qdO73hZwsGbu+AbGP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SiwaV1.exe

Files

SiwaV1.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

pU4h@~
Size: 257KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ