Xgiuavbtyq[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Xgiuavbtyq.exe
Size

1.9MB
MD5

4351e2916ea941a6af5b1c5c9eac6ee1
SHA1

e16dcd4e90916f8d183268f86daf06280019f866
SHA256

d53c05389816a8e7280281873cbb49d2940ab0861d8052b0100f0d4dee9568aa
SHA512

8fb9c0ac23b67c34efeee4c36f65250399661a74a2dfadc7dc043e7ab97658aa7b5a5022e2de676af3d8f48411859e2ff22eb5527123bee5b7c08452f584e4e8
SSDEEP

24576:+AiL21WPGh71xOM3aJgqiz6ptBDeaZsVRU6c3EksZPKAeA4zjnRbeXlLv//vcHyh:JtutBZsVRuULWXT9CrkI3cxk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Xgiuavbtyq.exe

Files

Xgiuavbtyq.exe
.exe windows x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ