132a814478ab7d81264dd508d14afac0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

132a814478ab7d81264dd508d14afac0N.exe
Size

15KB
MD5

132a814478ab7d81264dd508d14afac0
SHA1

8391907a056d3ae1b8712369b3e9a838214c7499
SHA256

e913ee375d8135855d3b0f5c63ec86884c000feda44d3c297f977a80b4829d07
SHA512

ff5c8b49ea9a7d43e6b38b715bd69716db74680b7d50bb6c83b50d1e3c006636d0ae52824dcf7085f2706d387a291e4f0c603494add0efafed00acbbd0ec7430
SSDEEP

384:lAyG2J0pd9lvrNMde5IvP96uabgWNmE4fSH4uH7aat2w:8u0g84fjI2agw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
132a814478ab7d81264dd508d14afac0N.exe

Files

132a814478ab7d81264dd508d14afac0N.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\okovalchuk\Documents\Visual Studio 2008\Projects\ContactCenter\CallCenter\trunk\XPhone\obj\x86\Release\XPhone.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ