X48[.]exe | Triage

Sharing

General

Target

X48.exe
Size

416KB
MD5

65dde6462ac46e823912a303faa37c26
SHA1

dbe775fa59119352a39633a0c5d8e0afabb0b11d
SHA256

ec7178e0f9140c652d4f2bec973e27cd27aafb828349a2381af5a327a1aba64d
SHA512

1fe29385a3ea69d53af22ea5a130fffce7231bab511fa37adf3557e42bc83d68bdd3b3a4c11f5d198da2f0e4df3a2fcb37f92301367b137a725f91c290b24bfb
SSDEEP

3072:DIj9iuko7kmnEGZghA4wHq9iuko7kmnEGZghA4wHM9YyzVb7:09iEVnEThA/q9iEVnEThA/sp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
X48.exe

Files

X48.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\maxki_czjwiow\Desktop\x48\spooferasfasdf\obj\Release\X48.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 413KB - Virtual size: 413KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ