85f3cce97ad8935e563209439d3f5ce0f57f9a1431be32ef9e5c2a62c40f7079 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85f3cce97ad8935e563209439d3f5ce0f57f9a1431be32ef9e5c2a62c40f7079
Size

4KB
MD5

708e7dc04d9a57ce85b9599bcf1cb97a
SHA1

d0c7a4a18562121714098ed64a48c86b00775b96
SHA256

85f3cce97ad8935e563209439d3f5ce0f57f9a1431be32ef9e5c2a62c40f7079
SHA512

bf3cea83f1ea8c3d8ea0e0f412ebf56f80eef0bfd0025c291e356ea8bf63f847c333d165870ed690933d73a7824d3133a34327547dd5b0550140426cacfe260d
SSDEEP

48:qK3SpszV+uGLVIoJEMwViF9V4h7TjhLh22QFJh8veLRuqSt:d1o1LVOMwg38EJfx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85f3cce97ad8935e563209439d3f5ce0f57f9a1431be32ef9e5c2a62c40f7079

Files

85f3cce97ad8935e563209439d3f5ce0f57f9a1431be32ef9e5c2a62c40f7079
.exe windows:6 windows x86 arch:x86

df3168797c5486363ec055b1201bff2c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\code\MS\Shellcode\Release\Shellcode.pdb

Imports

kernel32

SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
UnhandledExceptionFilter

Sections

.text
Size: 1024B - Virtual size: 755B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ