a8fd756bfee7de45e9abd123e9475a22ca838807d2f6e8c8fd3497004c421034 | Triage

Sharing

General

Target

a8fd756bfee7de45e9abd123e9475a22ca838807d2f6e8c8fd3497004c421034
Size

4.7MB
MD5

d88321e4038f070967c28715d90680da
SHA1

ec69f943fa7e2b8c65a2420f9a0e51b55f4b4b66
SHA256

a8fd756bfee7de45e9abd123e9475a22ca838807d2f6e8c8fd3497004c421034
SHA512

eae35752b26763d78dbfe69957b847f9e3b834db612c5b506bd4dfd6786faaf4db265b87967f44ec680d07e530e92ab3952e48b6814163ee26573515652e6322
SSDEEP

98304:7kq1hfnUFlkhmp60kAkYm+WLSeXkMcG21dKzpwNg2+99p:jlUFlksp6pqm+iS9G2UpYg2+5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8fd756bfee7de45e9abd123e9475a22ca838807d2f6e8c8fd3497004c421034

Files

a8fd756bfee7de45e9abd123e9475a22ca838807d2f6e8c8fd3497004c421034
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CoreGetShell
DawnUiGetShell

Sections

Size: 1.9MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 148KB - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 36KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 264KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 204KB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE