bbab429330608c9986a82ac9dca6ce10N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbab429330608c9986a82ac9dca6ce10N
Size

15KB
MD5

bbab429330608c9986a82ac9dca6ce10
SHA1

38a59b76bf8b03dd503ac536726f5d1795ab1f05
SHA256

afd763a3abac1d81be511d4a92ac4e56237b5311440d45e8422443aa15a9adbf
SHA512

a9ee4dbc55ac2223a5b7086a2d2280e9c8e15bd6071cc6545b3d80bf3ac5ce2c6454980cba735c542248a6c27eda1abc611b6202fa37560385747ae414fdc5ca
SSDEEP

384:6dnp8XWTrT5RuawC1R/GKYLk7kXnX7Oct7V6/VMDw10:6dnySrT5R4/r0/O8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbab429330608c9986a82ac9dca6ce10N

Files

bbab429330608c9986a82ac9dca6ce10N
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

X:\SimpleShellCode\SimpleShellCode\obj\x64\Release\SimpleShellCode.pdb

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ