1b3ba9a05736945079a7c254695c8bc744d89e94ac698b787e6e3e3e983c1c78 | Triage

Sharing

General

Target

1b3ba9a05736945079a7c254695c8bc744d89e94ac698b787e6e3e3e983c1c78
Size

5.9MB
MD5

b05993bebf40141021711bff51ad76c7
SHA1

a029e3fc8a090c946b7eb2ff22149f0dbf2e57cb
SHA256

1b3ba9a05736945079a7c254695c8bc744d89e94ac698b787e6e3e3e983c1c78
SHA512

5344da30824a4c0ff06a99a6308a776423a64ca4f432ed044d734562fff0ee3282ab8c931b86559cf2e621c98ff1a29a518c15f625f32b0b4d62584f0155a150
SSDEEP

98304:4YIvsUcUKbm23z12d+EKSl4XTYrxoEytOq8SlqvQMvwSimrFlG73ktb6ia:4YIyC2DO+fSl4jYVoEWObIqYMvw9eC3B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b3ba9a05736945079a7c254695c8bc744d89e94ac698b787e6e3e3e983c1c78

Files

1b3ba9a05736945079a7c254695c8bc744d89e94ac698b787e6e3e3e983c1c78
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 359KB - Virtual size: 359KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 101KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 22.6MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE