ODEME DEKONTU 00030494900059595060609000[.]exe | Triage

Sharing

General

Target

ODEME DEKONTU 00030494900059595060609000.exe
Size

828KB
MD5

d8826cf09a9b40b56e353d40d4b1e024
SHA1

ed328b5e815a91c795adbf122b8b79710c2ae2b8
SHA256

9c41ef44a3b1645d2c561f68b044777d534cd1a8508db648fb788ebb79d1b2f9
SHA512

0e4d5e405a83877debc4bcde13d86d017cb1005e56c4dc69fceefb4830e21b7aa15420d2448883982655f6387207a924daeebed4b817d48b18d21bedd15e963b
SSDEEP

12288:DdUMXe5y/t1uoGlT/zX3KsEFpBq+f3vTOQdpuL5fxpB00FYtmS3eRg:DVSKl8I3viQU5fxpB00FYeR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ODEME DEKONTU 00030494900059595060609000.exe

Files

ODEME DEKONTU 00030494900059595060609000.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Tszi.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 825KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ