3b91b5b051f2f403585e20aa4ed86a9b24322cb183d2cc6d43e640c4fdabce51[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b91b5b051f2f403585e20aa4ed86a9b24322cb183d2cc6d43e640c4fdabce51.exe
Size

640KB
MD5

4fb038f251b964858efd68f9fd5d2bc0
SHA1

c8f561af3992292c58570d81fc41a3db2926a95c
SHA256

3b91b5b051f2f403585e20aa4ed86a9b24322cb183d2cc6d43e640c4fdabce51
SHA512

9e768d489575081a4811978f3ac819780cddb680468618dc196048c9b1203dc026eae79ab2f3f089997e709ca9fa9c4e3f461cf245691570b4bce7b5aa6f79a1
SSDEEP

12288:u1JbfUSnIJKfJrvpC5raJqoiWcVG89gwX860eUc128Dxpki:u1JbL6yL2rKiWcVGS8he5128D/ki

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b91b5b051f2f403585e20aa4ed86a9b24322cb183d2cc6d43e640c4fdabce51.exe

Files

3b91b5b051f2f403585e20aa4ed86a9b24322cb183d2cc6d43e640c4fdabce51.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Source\Resolver\Dev\Client\Endurance.Re.ReSolver.Client.Shell\obj\DebugGated\Endurance.Re.ReSolver.Client.Shell.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 617KB - Virtual size: 617KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ