Link Exploit[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Link Exploit.exe
Size

3.5MB
MD5

8e1000fa2862391884222506ca5256e0
SHA1

49ae64c1a2fd2e5a0be084659123c4d3f8fe6af8
SHA256

e8b93aabb1206f16cc9c0928d06df52a418453e4e2e47a673e4e9d9967767b75
SHA512

4c718e79042b6200f481bbc165f37043757d730fda36c84fc559558a825be624c9014f10696dd7db8cedb862aa20bb0fb7f5937cf960c4301f4ee97b63eac0cd
SSDEEP

192:WBEKIHtWJKVsKYVUD7gHtN35ncmx1WU5Hh281:WsHiKVsG7gH5+K4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Link Exploit.exe

Files

Link Exploit.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\source\repos\ConsoleApp2\ConsoleApp2\obj\Debug\ConsoleApp2.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ