Encrypted[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Encrypted.exe
Size

21.6MB
MD5

41a303702620b554aa697cadcd937f80
SHA1

861eb3f46b826678d2dea7710413a4973bf664ec
SHA256

ed3ddc8dd5074454b681f10cc1ba5deb82fe8fe981cede1465bbbf1818052960
SHA512

92d22aafa18c0738d64a0fa3ab9fd964bec4447a093983cf0ed4de89a8dcf6d29f2e7e6e36c9a1bf4b52d2cb435548a5629f5eb3b4615a4e51c0dac173cf7ef7
SSDEEP

393216:bDH7CsG0qpd0Dez0BHlwM9xi9YWqvprocF1k4d4Gs88VL6qJB6e:bDbJGT0DezMpHi9O1Js/6q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Encrypted.exe

Files

Encrypted.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 21.6MB - Virtual size: 21.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ