cd322a3e00919c3add68ff53702d7407818accc85acfa529bbb7292af8ca228e[.]exe | Triage

Sharing

General

Target

cd322a3e00919c3add68ff53702d7407818accc85acfa529bbb7292af8ca228e.exe
Size

3.4MB
MD5

7283ed9e4e6770a36c542d92ffd871f1
SHA1

bce3e832d06b64958ae285071e1fb128a35e5671
SHA256

cd322a3e00919c3add68ff53702d7407818accc85acfa529bbb7292af8ca228e
SHA512

1b9e5bc77839e322a03dc68a87302938e0245fb81524580e4309a6e775b6760ef9a7e2798a0ebb9e212cb8bf5858b920a4a2dc3b902561add483be33c37477e5
SSDEEP

98304:dMIwS9cgX5jvGM7WB6aMA7gKEmIA/E2NLNmE0aEFjYj:dPL9c2vGxrn1980JmfVYj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd322a3e00919c3add68ff53702d7407818accc85acfa529bbb7292af8ca228e.exe

Files

cd322a3e00919c3add68ff53702d7407818accc85acfa529bbb7292af8ca228e.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Desktop\K8Ladon\XorEtw\ConsoleApp1\ConsoleApp1\obj\Release\ConsoleApp1.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ