Obfuscated_testapp[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Obfuscated_testapp.exe
Size

3.1MB
MD5

a672d1c18884031f8f74ca91f07b73e4
SHA1

523b36df58619a84f8b8adce55b6f0cd93825c96
SHA256

524c2ef952b5cc692df771836bcc3e5c6fd2aedde04ce09717629ad471b8cbed
SHA512

90c4f1d592f99594db92ae8f0a0b5f4b8794722070ec9245943bff670139ed8ad8206372f3f5a7c73281359b641334a428388791d1fbb9aff5479f144a805dec
SSDEEP

98304:MxrZDqFIqbSBWTnS5gMwx0JWMMKDge5dINpQEBiJzf4zdRxPP8Vw147AuALMqFSg:

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Obfuscated_testapp.exe

Files

Obfuscated_testapp.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ