8e780ae2f4a9b59f00dcfdb939b3cec0N[.]exe | Triage

Sharing

General

Target

8e780ae2f4a9b59f00dcfdb939b3cec0N.exe
Size

234KB
MD5

8e780ae2f4a9b59f00dcfdb939b3cec0
SHA1

5ef00d939055bbcab1b97da773f7b0fb6237d7b9
SHA256

851da93655a75e097eaad261b1f2f442cc6a8bbd8f36d37aaf2e996a1ea9cfa2
SHA512

f9bc7648b025257223b4202a9fa1f882d35703d9811c457410f79b8ca41ea9bb976979a5d9d01842c14b81a94fa154adc3590a854a92ca0ef416fb26b1c2a548
SSDEEP

6144:j6zBkXSQY56XgF58hXQQYVHYHe8ed/1+NzWanTzn:jIvv6QSY4yNa/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e780ae2f4a9b59f00dcfdb939b3cec0N.exe

Files

8e780ae2f4a9b59f00dcfdb939b3cec0N.exe
.exe windows:5 windows x86 arch:x86

3c6e5793e514214727b5614fbe758755

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
CreateFileW
GetFileSize
ReadFile
CloseHandle
VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualFree
GetProcessHeap
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE