PizDec[KR4KEN][.]exe | Triage

Sharing

General

Target

PizDec[KR4KEN].exe
Size

4.5MB
MD5

01b227aec8f15cfaa65f03494f2fa7eb
SHA1

8d5a6b80d0fec854ea7463fc19f01b629f429b57
SHA256

a15c2aeef67607aac6f960af5aa7285d35d67da06146af02308ba6cc280e4d32
SHA512

7209c7779b47034aa1c2dfa1f9816fe957a6ca15e80f760f0a232f7c8987e37ea28763ce2f6b4dcc8ff66cf85206733f543e4b305c6b97718f0fefc686f1b870
SSDEEP

49152:zwvdZBFoz8niZ9Fl5sfvckN6b8F/u0UjFcFxwJyAR8MWAckKH99ppDE11nUzQUtF:IZv7nizFl5ANVpUOT2appen5XKgzmbx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PizDec[KR4KEN].exe

Files

PizDec[KR4KEN].exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ