e5c31f263b1c09ff9a8d9763489bb4a764e99d27ccf475ef1991e0da9e4629de

General

Target

e5c31f263b1c09ff9a8d9763489bb4a764e99d27ccf475ef1991e0da9e4629de
Size

659KB
MD5

fc0d45374385214851abd79fee79a7fc
SHA1

d73fd53109aaf28b51096ce1a2b90a1663bd74cb
SHA256

e5c31f263b1c09ff9a8d9763489bb4a764e99d27ccf475ef1991e0da9e4629de
SHA512

fd64c43098e89d05407389008e5d69d2d76f0c3acf10b6368ac6a954031d70f6a1bc6f4a9ff91790aa93055c97514bd3396242aecf0092c04af408d1cc34937a
SSDEEP

12288:hRYtOhVkHMm6PT3c3V22ikNnAdwhVKSb/z2MYXTRWZv8HLKJ04USPf:heOhSb6UAkNUQv8H3GPf

Score

3^/10

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/f7c8388b7b9d110dc7f4a72fe5d7477a8dbd0e1731fd04bee8c6c5f7bd26540f

e5c31f263b1c09ff9a8d9763489bb4a764e99d27ccf475ef1991e0da9e4629de
.zip

Password: infected
f7c8388b7b9d110dc7f4a72fe5d7477a8dbd0e1731fd04bee8c6c5f7bd26540f
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\A\_work\58\s\obj\Microsoft.VisualStudio.RemoteControl\Release\net45\Microsoft.VisualStudio.RemoteControl.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 826KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 200KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ