8e6656a9fe1fea79f3aae90f0a978cb2d9545d8f5906aff12c4300df4d12a898 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8e6656a9fe1fea79f3aae90f0a978cb2d9545d8f5906aff12c4300df4d12a898
Size

3.3MB
MD5

55c2d1eb30fb111e2c114fcc4c25030e
SHA1

ef5a25cb382a91d183374766cfdec3df4aa4cb37
SHA256

8e6656a9fe1fea79f3aae90f0a978cb2d9545d8f5906aff12c4300df4d12a898
SHA512

e6a1cc091ac289ea6e2420d557f06be47e1fb47ba4ddc548dc76214820490e75b866e7aa980c60e25a3d3c8e2cbc9ef5b2814a255ff6cd4f2eb4cfd894826783
SSDEEP

98304:PWU6wpErrCV07MmgSSPMFQyYGeIkwyIaqfeOgc:PD6w6rr7MxUQt8N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8e6656a9fe1fea79f3aae90f0a978cb2d9545d8f5906aff12c4300df4d12a898

Files

8e6656a9fe1fea79f3aae90f0a978cb2d9545d8f5906aff12c4300df4d12a898
.exe windows x86

df1ebfde65bd0cc7c760b796c5ae6383

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32 kernel32

BeginDeferWindowPos �k

Sections

.text
Size: 2.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.daws
Size: 681KB - Virtual size: 684KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.daws
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.daws
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.daws
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ