8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b | Triage

Sharing

General

Target

8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b
Size

26.0MB
MD5

13eb2bb3303156d695ecf3f2b2c09eb7
SHA1

db1f2877681d02201c6c9d71d8c52a872c3612b9
SHA256

8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b
SHA512

6f44a7f1612f0eb4843c1e0de757a03f53d2b14e7aa8b7f983c2ca9baf0701d30f129edeab9c889655840782a1289fb4d0bf0699223e3c584afdaa4ee5172172
SSDEEP

192:0qgaiJUFTQcHVPtAXjJ9vT2O3yP8B50LOZdBcmCEJXVWwTnkVOvQu:57zFEcH769vT2OCkB50LknnVTnkVUQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b

Files

8680e9ff0246c2b7cd4a45a9c6262851ce8d12e4638e48cb1baec267c2b6ea6b
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\danie\source\repos\Qwest\Qwest\obj\Debug\Qwest.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ