zwqzBp3lyu3UPYc[.]exe | Triage

Sharing

General

Target

zwqzBp3lyu3UPYc.exe
Size

662KB
MD5

665e0b39d01ec408f1e8f7fc1b2bec32
SHA1

a42c424b54ac462f3158eff4b873bb0b0535d58f
SHA256

15696d741a180dacb5b3bb87cad566b4f2ffca1df0a6673d03f9b40c71ea4def
SHA512

bc225e25ab3f5c1621b3ce91372c811444e20777ada905079fb560c991fccee3a14f7887ac623c6bf89e0b88323588457a1aab1f1cd3662214bc686b05e7508e
SSDEEP

12288:e7ni4IykaC+tMsWsNjQ9s+7LyW3avZPox1SumL:e7cd+tEqcLLyLhS1Sum

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
zwqzBp3lyu3UPYc.exe

Files

zwqzBp3lyu3UPYc.exe
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 660KB - Virtual size: 659KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ