e4d1589c9ffb0a9378b0f050e62cf5f3e29deb14c6339a45039cebd958fa691d | Triage

Sharing

General

Target

e4d1589c9ffb0a9378b0f050e62cf5f3e29deb14c6339a45039cebd958fa691d
Size

5KB
MD5

f121045062b1a2be7151e61ee050c528
SHA1

5ac6ddc3c7010abac1c0aa71f3d0e9763e062f10
SHA256

e4d1589c9ffb0a9378b0f050e62cf5f3e29deb14c6339a45039cebd958fa691d
SHA512

4997988d04cc1ad16ee3b5ee5348767fecaf30c34e954d0efac1a378e08ca174b42dfd2d7139ef59c3e73be68240d9cc496f9e8151830c95391d848d2033a3e9
SSDEEP

96:p3Ah45pe9QzFutYzLHi4OdD7xRwgG3usx+hnH2sTR7AxFgr36x0Jz1IM9:h5nZuCXHZO1zw3kHhRaebOs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/severe/upgrade.exe

Files

e4d1589c9ffb0a9378b0f050e62cf5f3e29deb14c6339a45039cebd958fa691d
.rar
severe/upgrade.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\updater_\obj\Release\upgrade.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ