ActiLife[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ActiLife.exe
Size

21.4MB
MD5

4dfc2a838d981f3220349ca1857bdb37
SHA1

cba3ff1913a96b7ce9ca6d75a18b23e21732fc12
SHA256

8c325e2d32bcd58e29c12eb0d6eb97917d8f5044a8e4119e7465b35d660305ee
SHA512

d22db1491b368e07357fabe98c6337e9c3e67420fee97fa0734bd95525280006fcc8bae9709574736a8df0e19c5c66a37f656bc5ca61311bd7b7116d9e8939ef
SSDEEP

393216:MjyUtMudu0KCp/eUeVcDknx7pt2+M4cs3/lbj65oPv0EQdu3nLzM8ly6JQDR:MjdtM8hKCsUYpt2gcg/R65oPv0lA3nH1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ActiLife.exe

Files

ActiLife.exe
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Y4Zh7
Size: 21.1MB - Virtual size: 21.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Rt3SP
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

9NXqZ
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE