5d4c081970494e03fe79d41524563fd0N[.]exe | Triage

Sharing

General

Target

5d4c081970494e03fe79d41524563fd0N.exe
Size

12KB
MD5

5d4c081970494e03fe79d41524563fd0
SHA1

7db049bde0f114d6217878232a7c7514afcad532
SHA256

582781e4c1f6f24490b6ca8d25cec2f7fadffba4b026683987931dd7c5d745b7
SHA512

8965d08c05e4588ea68f7dc215baeb00e98782cc41dd9199ac4798950312123ea37e1c1feba922faddd8a6e108cd48b5ff8ffc7fe70e35a569697994fb1c12a6
SSDEEP

24:etGSTURhBoaVQjj3UxYD8doDMvHDBy+3qOH4DfyYIZW0HscNYliV9h7r35WWdPf8:6GhBHC3n4aD0Vy+6NFIZWUdGSh/5Ww1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d4c081970494e03fe79d41524563fd0N.exe

Files

5d4c081970494e03fe79d41524563fd0N.exe
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

PDB Paths

api-ms-win-core-console-l1-1-0.pdb

Exports

Exports

AllocConsole
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleA
ReadConsoleInputA
ReadConsoleInputW
ReadConsoleW
SetConsoleCtrlHandler
SetConsoleMode
WriteConsoleA
WriteConsoleW

Sections

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ