2b1af114fa80b95bf2b7de0d5f01a0fda918e931bc1cfc45d8eff64dd032d546 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2b1af114fa80b95bf2b7de0d5f01a0fda918e931bc1cfc45d8eff64dd032d546
Size

13KB
MD5

cb9ed80efc9d9e5f81334213b214e3cd
SHA1

f5b8dc3d2ef3a0bba4f084452e411904084b9613
SHA256

2b1af114fa80b95bf2b7de0d5f01a0fda918e931bc1cfc45d8eff64dd032d546
SHA512

ee35bea274ade364d569fcf65d9b94f7ae1fd09d9ec76e56413220a36817fdcb179b3ce4be7a094d336c1a24822af1a83c380fdca05408497c72c602de705cea
SSDEEP

192:szeZ+x/cpfrCDaNLzHLQ+aC3vVrthEHRO8vkYcV60U2FJFEs2+:s/7DaNLzc+agVJYRO6kYcV60UiJFnh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b1af114fa80b95bf2b7de0d5f01a0fda918e931bc1cfc45d8eff64dd032d546

Files

2b1af114fa80b95bf2b7de0d5f01a0fda918e931bc1cfc45d8eff64dd032d546
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\kardc\Downloads\ExclusionLoader\ExclusionLoader\obj\Release\Sync Application Setup.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ