service[.]exe | Triage

Sharing

General

Target

service.exe
Size

48KB
MD5

98747f5b8125fdbd59f050e30618867f
SHA1

19adbbc70a56d1cefc2f8c60a139e0540affe661
SHA256

0101605928448cc2af7c21ce1f0e701989816fd83c7dc233ca43516427ed8ab7
SHA512

f1356242dd9f56d3606ca3707d1cfddc7bba90cdcd902cc2400255ab63c4608986d249520a7f4c330b11c4b428dbb2468406b7e2b455611c03e8c8dfac6e9aca
SSDEEP

768:tzudimXcTHesAM68IwLXxIICnUErFjeiR5C2w5zP0AMj0OLDKTM/vO0AURXSO:d8LzmBpkrdaJ0Ak5fKY/rfSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
service.exe

Files

service.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ