ef5d6fafb8199cb8ea26a9e2aa4d706634786fdcbedacd14d359b53277d29e8f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef5d6fafb8199cb8ea26a9e2aa4d706634786fdcbedacd14d359b53277d29e8f
Size

2.0MB
MD5

d17764d621c9f472d4e98e5703daaf3d
SHA1

c1cc49b6e92a10c86bc55779b4f7f54b7d38a23f
SHA256

ef5d6fafb8199cb8ea26a9e2aa4d706634786fdcbedacd14d359b53277d29e8f
SHA512

2cb4aeea7014a09cf9222a367ca5b525335ec93ffb0695971f7929cb92287cee24734553462ff8c2981cdc4449bac09695e3bb55f516f4da9742a05cd89d1b1f
SSDEEP

49152:rysjIylGC+wzZAElWCaPbGZfkuR6C3bLQt+HObUJJGy:ryvPC3A2WCaPusuLQt+ubUHGy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef5d6fafb8199cb8ea26a9e2aa4d706634786fdcbedacd14d359b53277d29e8f

Files

ef5d6fafb8199cb8ea26a9e2aa4d706634786fdcbedacd14d359b53277d29e8f
.exe windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ