1164a8f550cdcca584fbef5b09a9acb89fa79fbde89a66e92e1b45dcaa982c8e | Triage

Sharing

General

Target

1164a8f550cdcca584fbef5b09a9acb89fa79fbde89a66e92e1b45dcaa982c8e
Size

70.3MB
MD5

34685447de7a88a522e09b360da83bb8
SHA1

d7a051403a980d484bc4e6be11491c7d27b7c6b1
SHA256

1164a8f550cdcca584fbef5b09a9acb89fa79fbde89a66e92e1b45dcaa982c8e
SHA512

ab29904572ecf226832aac8ecf3ad2e0d5f24c1292b25b3af67741352aa428c008b875447f5a61fd03974ba6ef0433a22e4f11d44efb3b21ef5dd9f9d3972eb8
SSDEEP

6144:9ykTQp8xurN4JlU94SyTKJPpTHf3zZOckmhrK:9JTQp8AiJl6+YxzfDZLK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
1164a8f550cdcca584fbef5b09a9acb89fa79fbde89a66e92e1b45dcaa982c8e

Files

1164a8f550cdcca584fbef5b09a9acb89fa79fbde89a66e92e1b45dcaa982c8e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\TonySoprano\Source\Repos\Installer_sharp\obj\Debug\Installer_sharp.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 70.1MB - Virtual size: 70.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ