79ab28a6a01db0c999783b88c6f23660N[.]exe | Triage

Sharing

General

Target

79ab28a6a01db0c999783b88c6f23660N.exe
Size

1.1MB
MD5

79ab28a6a01db0c999783b88c6f23660
SHA1

3ad9e02a54d309c1b894498a90fbb799c77a31c5
SHA256

82ed4c3f838d6374b232778366ae48fb38a9e6790724250509a3a2ecf669d35b
SHA512

8ab9f47917aa385f738faf2ed8a624d3983b1cc52e532537f677ee8ed963e638d6402ef13ed201a5d5f580cdd58e0e189837913cb7622485dd3f11702d2c7282
SSDEEP

12288:DC5Gd5e/HMZudUZXSi2JSxflh28iQt/XmL8KvrRl/sJx+Ee/HMZu:vd5e/sZPZTkSjk3AmLvNNsKEe/sZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79ab28a6a01db0c999783b88c6f23660N.exe

Files

79ab28a6a01db0c999783b88c6f23660N.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Temp\DCommManagement\DCommManagement\obj\Stage\DCommManagement.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 845KB - Virtual size: 845KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ