b9cf6db6505d6824fc30c93d736abe7d0e4c3131d053a3dc07bf11dcfcc6972a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9cf6db6505d6824fc30c93d736abe7d0e4c3131d053a3dc07bf11dcfcc6972a
Size

3.0MB
MD5

70642a433e55b9658d40a7b24781cb2b
SHA1

1e97c0eb600d937e344d5c04fdbe802ae744d860
SHA256

b9cf6db6505d6824fc30c93d736abe7d0e4c3131d053a3dc07bf11dcfcc6972a
SHA512

2b055366476283a621325834b9e91f52030c000843138e606ae9f28497e6ab4df726f799a407d311e3f443575db9b56261cbff73660ab91ba28abf3e4c1880c3
SSDEEP

49152:H7TvfU+8X9GrNOsva5RbKhF3ANkTTltIsaDRC1QTYdSsFDsRGE3x:c+8X9G3vP3AMXIsalCxwsSR5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9cf6db6505d6824fc30c93d736abe7d0e4c3131d053a3dc07bf11dcfcc6972a

Files

b9cf6db6505d6824fc30c93d736abe7d0e4c3131d053a3dc07bf11dcfcc6972a
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 994KB - Virtual size: 994KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 386KB - Virtual size: 385KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ