7c5d0e9faa15bbab559fb23a9230add582aac9debb7adde4df62ab14d27a836d | Triage

Sharing

General

Target

7c5d0e9faa15bbab559fb23a9230add582aac9debb7adde4df62ab14d27a836d
Size

7.7MB
MD5

acc8b14d68b0c28f3e7d7012c094bdcf
SHA1

381e53d3c30243038eb7dd2ff1a9c282243e5f88
SHA256

7c5d0e9faa15bbab559fb23a9230add582aac9debb7adde4df62ab14d27a836d
SHA512

78f0dd490b3873c5bf731e15c31a113f74e58b3abf21fb3d6466c5c495194f60dbf2b9afd2c527360687a5579c47f02c9bdecb1325ca84c0e3ff9df2480b6ecb
SSDEEP

196608:nXYIt5zfCwwaOioQJ/D+X3y1l+nhzagEdzxvnwF+:4o+nhzagEJlwF+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7c5d0e9faa15bbab559fb23a9230add582aac9debb7adde4df62ab14d27a836d

Files

7c5d0e9faa15bbab559fb23a9230add582aac9debb7adde4df62ab14d27a836d
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

CoreGetShell
DawnUiGetShell

Sections

.text
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 600KB - Virtual size: 598KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 964KB - Virtual size: 962KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ