3f042fac5a3468928c904b97db5a9100N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3f042fac5a3468928c904b97db5a9100N.exe
Size

4.1MB
MD5

3f042fac5a3468928c904b97db5a9100
SHA1

7467566ece0489299237cba2d8aee8d36d818bfb
SHA256

003a92f6ce915958d3fa421004bc1fa96948afdfda6da0a0bc25c15a1c15594b
SHA512

3f6bc37f86ad90bfb3c9db56fcb2ef34d545eb0a1d9d7210ac51ce1d246fb417449509cba54e5b2a1ff1ae70810167d4a3e55ad360a669794f82863e231752ba
SSDEEP

49152:JvIWSytLdOljI2oJdXN0BMOwLloBrugm8xmN3Aek03noj45wlDTu5LnHFLHkJEO:JwstJf1JdXN0B7+sMeUJF3noxD+Di

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3f042fac5a3468928c904b97db5a9100N.exe

Files

3f042fac5a3468928c904b97db5a9100N.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Office\Target\x86\ship\postc2r\x-none\msohtmed.pdb

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2r
Size: 512B - Virtual size: 260B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ