PO-100001498[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

PO-100001498.exe
Size

790KB
MD5

6b7ba86b8851b45283ff034c11cddd18
SHA1

23b98f3e7e9fff4e5da378a7eef8ad797af3a59c
SHA256

3e19de87afbe8241299570654258f19e284dfd4c7f3b80fd2e17b3afb6ac48ea
SHA512

2d4e0e34d0ed6a1ee24972a53ab8a37c008b55d18f0466702193b6a27a0ab2574a704df64aa5522495330e68323234f685e1abbacebecd4be9ad7b6c21b8da8c
SSDEEP

12288:WIlFcDhLjJE6MailAnW2Mz4+PoEytfqA36QBsGFwk6I11mCAFW+zsi6+zby:DlFcDCaiSnNMz4Io+g6g5VMpFtHzb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
PO-100001498.exe

Files

PO-100001498.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

BaYwS.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 787KB - Virtual size: 787KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ