random[.]exe | Triage

Sharing

General

Target

random.exe
Size

341KB
MD5

6446a00eb59754e15749af229b0d5217
SHA1

69c0311f0b121eb378e90a1dd88925c424c1a07b
SHA256

558fe8c705bbd035f886cc02acee3fdfa50398e74795f62d182e01225d58e2e2
SHA512

63ffddb80faa7013dc4c665e1614ee7175d313868636e2d6bc9b8e1fa941134ff425f6f02c64a5509eb97a9be8bb87a2a9859cd57e72d10b7bbf13887cf0ba58
SSDEEP

6144:AT1Bgj04zLS/70E7IodJ6vsVzsooEAPmIV49g2/GzrtXAlGSExj76f:Gb45zA7Fv6vsVOzm9t/Gzr9AsdP6f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
random.exe

Files

random.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.BSS
Size: 322KB - Virtual size: 322KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE