5b5b17dff1439f8d1a766a1f9d7ebc00N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b5b17dff1439f8d1a766a1f9d7ebc00N.exe
Size

216KB
MD5

5b5b17dff1439f8d1a766a1f9d7ebc00
SHA1

f2e0c733370d29bd01ef0aab12d2e0a7fd829a4b
SHA256

babeae03e81a379b15bd5550a20fd00f86a6f52b1e8ec4d9a0032339ea0f1c0c
SHA512

d813912be440c2011f3404e91e682a55cdacc7bedd091c0b1930973ca85077e867ffe0223a17b6d1abea1f48998a41e8bf0e098dfe32c1759c6c24655121deda
SSDEEP

3072:8GkXp8S/oqrQtn/Av5i+7SkQd4fZOldduDvYy4Ju6EeReoLZmXLE/M:8GeHrWYv5ivkJZOqvYTRemZUw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b5b17dff1439f8d1a766a1f9d7ebc00N.exe

Files

5b5b17dff1439f8d1a766a1f9d7ebc00N.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\a\2\s\src\edge-v1\CommonClient\ClientControls.Primitives\obj\Release\ClientControls.Primitives.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ