P[.]O_23514[.]scr[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

P.O_23514.scr.exe
Size

517KB
MD5

4726a6411ea09afa5736a5f6cfe72df0
SHA1

2e33c084a33d99d3c94ae1779cf4b24eaebaa33e
SHA256

5d3125c5df560d899a483b65d52860905b9e0d85daa29ea96327c02aa8f4cd87
SHA512

b845f0f874fbeb4cf56b9be5a32c04335aacf80f68831c41e1cd5eabec24511d1d0f27a65b3bd8542eb4e2c8e476b075e2b97c232cb4326b63913902c5f467c2
SSDEEP

12288:bWYxc7CnFXr/wgsR51slIU3nlG/qyhQ5oZ1:asr4gEY0/qyhQ5oZ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
P.O_23514.scr.exe

Files

P.O_23514.scr.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 503KB - Virtual size: 503KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ