b739fb09ff0be34928356875aeff0c40N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b739fb09ff0be34928356875aeff0c40N.exe
Size

13KB
MD5

b739fb09ff0be34928356875aeff0c40
SHA1

12a4a784387c91a100eae85bf7efe831ae9e6381
SHA256

da8c820521fb90983e28eea1b105692ae748848a90585a6657defff569edb982
SHA512

ca0001962e3764e11be854736630bd346a4bff4e306f07c8d1d27727b21c77a091563e38450e1dddb2ec8f594067f0250b338e23694a14692c0f7227f106e3a1
SSDEEP

384:STgmZUH0EnuFxZS9kX9yLmTQz+bMg9hL2TPO8epwj9QpzYcCew:FUulaMLmTnbf6m8eqhYzYcCe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b739fb09ff0be34928356875aeff0c40N.exe

Files

b739fb09ff0be34928356875aeff0c40N.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\proj\skyline_21_2\pwiz_tools\Skyline\Executables\SkylineRunner\obj\Release\SkylineRunner.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ