4f152a719d6943571ff052f08b27deb0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f152a719d6943571ff052f08b27deb0N.exe
Size

196KB
MD5

4f152a719d6943571ff052f08b27deb0
SHA1

56c05b1e8c6bcb4d7ce5fef372a238bd63037a41
SHA256

2d7f163f8efa2f4b62f3877fb7f315f9ee2c9c7d6d4fd334d40d9f4a3e7d6356
SHA512

f978aadab3097dbdc79e4ae99f3ba70441bf01d314428c89be6f0c951cbc3644b0d3a6c396bffd4a1ec2ba6a7215fbd11fecd158c83e4e2f54dc5daa2bb48817
SSDEEP

3072:0E9+0SKccWHufUzpoKcS+pf0wWcFSxcVUKE0bAg2Tr9PD7dOyPhRXa5M2VkyRHuf:0EI0wVXvpTxNr1dOQRXa5M2L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f152a719d6943571ff052f08b27deb0N.exe

Files

4f152a719d6943571ff052f08b27deb0N.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\sakuma-k\My Documents\misc\project\vb2005\TemRep\TemRep\obj\Release\TemRep.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 176KB - Virtual size: 174KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 4KB - Virtual size: 157B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ