file_b9223753b1da4c2ba8cfa007e2b7943f_2024-08-07_09_12_09_311000[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

file_b9223753b1da4c2ba8cfa007e2b7943f_2024-08-07_09_12_09_311000.zip
Size

18KB
MD5

878993bc8dd099e6528c905341d4fe09
SHA1

57b29a9a3a955a9e900cc26b9c551bdedf11091e
SHA256

d85b992ec6f488da7b7ab93cc6d06eb09f40ff6f42524dd07d6cf7c3383464a2
SHA512

ce4aa60baecea5258e3a50a5fa83f39c39d42a039c6c4eb5efb528057e471021f3306a02c703f415836f7a38a25e47320e65e3ed4cf037649c050cb6a5736b71
SSDEEP

384:/UK5PyarO/DM820qIH8B54EEEdAKm7Mtf0oNFDk4zLJDLGX77w5EK:cK5KarOPHa54EETkfLn/ztDLGX3S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/entry_1_0/sherm-bkg-q.exe

Files

file_b9223753b1da4c2ba8cfa007e2b7943f_2024-08-07_09_12_09_311000.zip
.zip
entry_1_0/sherm-bkg-q.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\HSMPipeLines\HSMSafety\JenkinsWorkspace\HSM_Safety\Sherm\Build_Sherm_byBranch\sherm-bkg\obj\x86\Q\sherm-bkg-q.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
manifest.json