extracted_payload-cleaned - Copy[.]exe | Triage

Sharing

General

Target

extracted_payload-cleaned - Copy.exe
Size

5.8MB
MD5

93bf3af1a0f7714baff7d12c7554111e
SHA1

996af0047fc17b0cd2385cbfcf51219b70ebd557
SHA256

6f76eccd32ffc9445a842b4442044c5ad92a58ce58a0552913e703c942b81f96
SHA512

51da3ee71d55e8a742f72f99a31193310868592cc8fb3e12fb6e88c891ace874b6be93b535a4777cf544e50d0b65b0ea36a79281c9b729ba51d7dafbb2f97ab4
SSDEEP

98304:SVzA+NolR3oceUQ1spbvuKSUJ17LrbH4q8y1iYVk1OUkh54oZdxkOHYSM:SPNO3K1spbmxcrbH4a1iYVk1O15DUC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
extracted_payload-cleaned - Copy.exe

Files

extracted_payload-cleaned - Copy.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ