e64c4823a48781dee7ace0c9d3bba1db753c39527ebb1197eb60f1aeb434965a | Triage

Sharing

General

Target

e64c4823a48781dee7ace0c9d3bba1db753c39527ebb1197eb60f1aeb434965a
Size

3.4MB
MD5

ebaa79b733a5e41dadf3e5a6f4aa5c39
SHA1

3192cd3251f8edae329e1d4b3b77a6ae4922a7da
SHA256

e64c4823a48781dee7ace0c9d3bba1db753c39527ebb1197eb60f1aeb434965a
SHA512

0ea80521501a0f9b6a23edaadbc896ac1d5898e968085d2349f78e04a5822010b8e72f73fb4a39e5929ae76497ee8178e711576f5b8cf4a40661a38d3ad7e7b1
SSDEEP

98304:C1LbJ2V257D3qX2D1Mmics/vyvXli14lIKWZz+GK:uxoA7rqGD1f7TvXFSKWZ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e64c4823a48781dee7ace0c9d3bba1db753c39527ebb1197eb60f1aeb434965a

Files

e64c4823a48781dee7ace0c9d3bba1db753c39527ebb1197eb60f1aeb434965a
.exe windows x64

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 3.2MB - Virtual size: 7.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE