a1185696a1b055a99d87c84ea9d93671139db30e9bde07e62ebda0b303eab0ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a1185696a1b055a99d87c84ea9d93671139db30e9bde07e62ebda0b303eab0ee
Size

69KB
MD5

93c1a52c60863675405be372e8864166
SHA1

4d2d42a44a9d3343aa49b3d1a91bcc804fb32ecd
SHA256

a1185696a1b055a99d87c84ea9d93671139db30e9bde07e62ebda0b303eab0ee
SHA512

02c5178bfa7ed2db460403176e7c1f3795a0291762ba125ca32a042ff1e75caca51eadb0eb034aa1ef80365dacb62f1abf466925eef6137e9e61fd8c4c3f7b3f
SSDEEP

1536:nqLhBXLaVPB9BGBBBBBBBBFAiBBBBBB968d/XhXBGTCLIBBBBBBBBBBBBBBBBBB3:nqreVPB9BGBBBBBBBBFAiBBBBBBvdvsd

Score

9^/10

Malware Config

Signatures

Molebox Virtualization software 1 IoCs

Detects file using Molebox Virtualization software.

resource	yara_rule
sample	molebox

Files

a1185696a1b055a99d87c84ea9d93671139db30e9bde07e62ebda0b303eab0ee
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 512B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdkpqu
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icrnnl
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gxuenq
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE