efd390f49f22f8abaa2f50ce9896414f430f62e0f4e38fc142feb54b5d088d66[.]exe | Triage

Sharing

General

Target

efd390f49f22f8abaa2f50ce9896414f430f62e0f4e38fc142feb54b5d088d66.exe
Size

258KB
MD5

6b98ed1203bbf8b10fa267597dbb9828
SHA1

bad9fef9201961790c87cb8b6e98b12fd78f3d2d
SHA256

efd390f49f22f8abaa2f50ce9896414f430f62e0f4e38fc142feb54b5d088d66
SHA512

d4d4f8c5ea8fb93e0f6987809be39e785e58f3aa4b9703ef04141d3db323f412d70bf70880699bdd1b9d932021fe0088e999aa7d3d6e5d212b22613b0b0162f7
SSDEEP

3072:6TPrKkVttbx82VHkZ2L373TSxPGkt2HDGHTyiC9u4OhK3b4MetEWZL/MFNL10puD:6zttbi2V+gr3Gj9TrK3CtYFx16XUDbP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
efd390f49f22f8abaa2f50ce9896414f430f62e0f4e38fc142feb54b5d088d66.exe

Files

efd390f49f22f8abaa2f50ce9896414f430f62e0f4e38fc142feb54b5d088d66.exe
.exe windows x86

c2e4487f461edff82f81a902e3e4f0b5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy
memset
strlen
malloc
strtok_s
atexit
memcmp

kernel32

lstrcatA
lstrlenA
GetCurrentProcessId

Sections

.text
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ