497ddb1d308b7bd54560146382543475e16b892938cca0587a7d56a6bffa673a | Triage

Sharing

General

Target

497ddb1d308b7bd54560146382543475e16b892938cca0587a7d56a6bffa673a
Size

33KB
MD5

2a910fcbc0279c84b8e16ee49cec237b
SHA1

f9fedad815e364a44543b87256a6935c898b3374
SHA256

497ddb1d308b7bd54560146382543475e16b892938cca0587a7d56a6bffa673a
SHA512

5d0f0c7b1b3136a9722e46c4c059c468cae43031089f53cc01163301d1d42f4eccb78077d1686e65171dee413aabc7240085583a4ee8bc74592980fd94dba113
SSDEEP

384:fpRCDkxUCLJaLhsGHlrNZcqLOZcLXdJkI0KIgGXuk8b3QRv5rnJn6vmhJcVe3kv4:BROk2CLJ2HHnZcqLDXUHZt+kVfkw5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
497ddb1d308b7bd54560146382543475e16b892938cca0587a7d56a6bffa673a

Files

497ddb1d308b7bd54560146382543475e16b892938cca0587a7d56a6bffa673a
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Builds\41\ITnet2-2024.10\Web\src\Web.Agent.Updater\obj\Release-Master\upgrader.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ