441d9a02ca608b1a5edc519cf6f37390d2df8aa0228c56678eac799693628587 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

441d9a02ca608b1a5edc519cf6f37390d2df8aa0228c56678eac799693628587
Size

5.8MB
MD5

2536b61a042fb40abc0cb82c51de96cf
SHA1

bafca9a38d7232cb57fbab8cb59d5335fd69d816
SHA256

441d9a02ca608b1a5edc519cf6f37390d2df8aa0228c56678eac799693628587
SHA512

3781921a078fd9d85ae12baf43b5c2da0def4ff05b7fa497f2b907910b8e6714d1b80dd7462f305288b54a72a51946816f4101548c3db4e04fdfd3501aab7794
SSDEEP

98304:uOar8xuHVExiF1kEtTJPoZS/uXg9uGaACLkZAuGaUPM1m4E3YOK:uJ1ExJERJqSRwGSLk9UPiErK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
441d9a02ca608b1a5edc519cf6f37390d2df8aa0228c56678eac799693628587

Files

441d9a02ca608b1a5edc519cf6f37390d2df8aa0228c56678eac799693628587
.exe windows:5 windows x86

b5612e99c648c99574f8ebc51bb2ee42

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion

Sections

Size: 1.5MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

cyawxqxf
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggugfolx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE