0x000a000000023b66-19 | Triage

Sharing

General

Target

0x000a000000023b66-19
Size

3.2MB
MD5

6965c7c82a2f2c3fb640366f28858ec3
SHA1

af31705cf66d7666bb39dbfbb88721939577a4d1
SHA256

ad14c9e431de085972ac745e5a3ee13119cc13e2287db7edfcdae4261ded7b24
SHA512

42db28f3d87f32cf67ccf24b84ec41c7f0185bf3d6a3116940ecd797f5fb44463cfc5be751382a29e2e94538b067dfb79279b0c0c5938f42ee5e7fd2492de88c
SSDEEP

98304:BtUYhuUV2r6lU36yLc2Tp64Lc7PSwxWnF:BSYhPID64Tpzc7Swo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
0x000a000000023b66-19

Files

0x000a000000023b66-19
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

xyYxjfoh.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ