App[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

App.exe
Size

4.7MB
MD5

f4a5bfef177e59dca9d75abf49c3ecee
SHA1

228923774a64d782adb269c1033e19f93d632dee
SHA256

0e40abc163fe6ff84cf2e1e19df0780e105f857e37da5beaf21fd0bf33fdf27e
SHA512

618e8b7736fa7e8a828380ea22bc62589182aa4249e7c598fb4ccbff76c344bb3b1c5734c8af8fcf19cbcf72b5129f8718f182c19d67ea7b357e005a5bc88c10
SSDEEP

49152:3uMvKlK6/e3ZnBPUhEczoCVt/5l43Dff2D2MGo6EIQ5Y7aqOOQ7118J9M0nnmG:3uYOK8IFxithlOfO2MGo6EIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
App.exe

Files

App.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.6MB - Virtual size: 4.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ