5b4f79eabdb56a470fb9e6a85c2ee6dd0bbc91543a4538d1389e987e66bcf866 | Triage

Sharing

General

Target

5b4f79eabdb56a470fb9e6a85c2ee6dd0bbc91543a4538d1389e987e66bcf866
Size

2.6MB
MD5

583f6b00c52bd5afc1d8056fc545fca7
SHA1

e820d03d6eac8af0cef5e9737738bec7b491d432
SHA256

5b4f79eabdb56a470fb9e6a85c2ee6dd0bbc91543a4538d1389e987e66bcf866
SHA512

e78e58b832a1965889991f235d728661229a1b18a81420d600d695c4b6cd2e4d54ff317591ecd9ec710e49e020b2392b584fc5cfbaeb6f8a07caa4284a3f5130
SSDEEP

49152:RbIrl/Uxldber4n1GVxBQb0OuNoe1IF/E0YoNFaHGuQBffy:RErl/UH9j1sBQbTuNKdEVHGuQdf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b4f79eabdb56a470fb9e6a85c2ee6dd0bbc91543a4538d1389e987e66bcf866

Files

5b4f79eabdb56a470fb9e6a85c2ee6dd0bbc91543a4538d1389e987e66bcf866
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ