6f5887414537f53237309b4f8db557f0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6f5887414537f53237309b4f8db557f0N.exe
Size

45KB
MD5

6f5887414537f53237309b4f8db557f0
SHA1

676ccc630e695d961cafdfbeb56905850bc1c65f
SHA256

59e63e5ed0a89375724cba60c80e961de408aa7b7e7602a1e504644d08b1e172
SHA512

aec61579479ba7eab3e89ea37e5e13c947d2332533938d0af3f2bc751957de628dae571132dea899a1d89146bd0e803c08060257c2b8e3fe35200adca1f117fa
SSDEEP

768:TBuTw0+xF4bcH9f9lkyC7Qf3kdX8wlMddFJFB:tcb+f4oH9fHkXMUdJlMBJFB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f5887414537f53237309b4f8db557f0N.exe

Files

6f5887414537f53237309b4f8db557f0N.exe
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Dev\S4MP\s4mp-launcher-v4\node_modules\electron-edge-js\src\double\Edge.js\obj\Release\netcoreapp1.1\EdgeJs.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ