b693b950e48a32a7a19a7052e3f183e0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b693b950e48a32a7a19a7052e3f183e0N.exe
Size

108KB
MD5

b693b950e48a32a7a19a7052e3f183e0
SHA1

bba6fe8c4ccacdcf2a2156af0d1709b40e26fdae
SHA256

2142fc9138c1f1a8c60b6efa6bea5d9d06879b46fbcc1c9ffaf490910a02e2d7
SHA512

3374c153b6f11131634b6d4f69b8859a5a6550b5b7c7f21632e2151f0a228faa1d5427905937c2f70c80281e7c101e6b7b3d7832345f1c5e54e19a2a25b69fa7
SSDEEP

1536:cNHKOowv9Dm5gQl/Yxdx2Hiv5km2B9c7A8z9gr6koI7m:ccOowv9DUhY0Kk5Q7hpO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b693b950e48a32a7a19a7052e3f183e0N.exe

Files

b693b950e48a32a7a19a7052e3f183e0N.exe
.dll .js windows:4 windows x86 arch:x86 polyglot

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\windows\Microsoft.NET\Framework\v4.0.30319\Temporary ASP.NET Files\root\95126ce9\6d005bfa\App_Web_mg24rvsw.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ