331048cec2ae3a4cd854b329a9f59e50N[.]exe | Triage

Sharing

General

Target

331048cec2ae3a4cd854b329a9f59e50N.exe
Size

6KB
MD5

331048cec2ae3a4cd854b329a9f59e50
SHA1

39c9de8690d013d1f34d8eccd9aeb0fe36f2ec0d
SHA256

e4f98efb3360f4d4eb4917aaf8f11707082f84836d4a0eff10ea952cfc72b95a
SHA512

672e353264f8c6af04023d999e874bf1232440ee27672d5cee4680eb35ba130edf7e84cd66d69e4ee991a09c21838997a2f5f4d514132f41596c2b7949afdf52
SSDEEP

96:VGEETrMLH5ESCkiVb6DcopLwlOiZgkA/hchiHE0fj/kdC12:efMiSGkCE/ekHE0jI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
331048cec2ae3a4cd854b329a9f59e50N.exe

Files

331048cec2ae3a4cd854b329a9f59e50N.exe
.dll windows:5 windows x86 arch:x86

a23064e36a7cee786955ca6fd65d4af8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
ReadFile
CreateFileW
GetProcAddress
VirtualAlloc
MoveFileExW

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

rundll32

Sections

.text
Size: 1024B - Virtual size: 646B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 517B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ