31691a91f04c90179523e5f9d48091b0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

31691a91f04c90179523e5f9d48091b0N.exe
Size

12KB
MD5

31691a91f04c90179523e5f9d48091b0
SHA1

a5265ad98bf7b9fee1f4af481cc27901a9c6740e
SHA256

8679a3faa11a51f3480b6e1bd6302f71718dc89e5cedf6c58f5195974c2b9754
SHA512

dac249cd7c6032d2bedcd039e3556e3940a5fc56ebd6dfdc544297b9805bde424262c7fe39a44f83df8cf2bf48b560e75e5fc3dc1967d816b689e04e3048144f
SSDEEP

48:6thQLqEzZ1rVyMvBUMH3iFIZWUdGSh/5Ww1:fZyMvBUMAEWqhWw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31691a91f04c90179523e5f9d48091b0N.exe

Files

31691a91f04c90179523e5f9d48091b0N.exe
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-string-l1-1-0.pdb

Exports

Exports

CompareStringEx
CompareStringOrdinal
CompareStringW
FoldStringW
GetStringTypeExW
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

Sections

.rdata
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ