06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71
Size

191KB
MD5

7765c7068a4c9fb65b048eae0526bfc0
SHA1

dc242c457109409aeda18c31479e89f6728f9eef
SHA256

06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71
SHA512

549277090ec65b8a6c47ddebe5d980be376dd9504f605aeed561b335c974aa75225ee41774f9445637c291b728382e33b4621bf1796165fa4923c43a01e402ac
SSDEEP

3072:X/9Z2265vxUOVhpcCVtulh1vDMEQd1sYvbwKlv2edno8lKaEe+q5xzq8sGc8:P9Z2v5lUCVtGhhETzdoy+qnq8z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Activator.exe

Files

06979c8adbb0b9263f5629414e90510449dafe0e31afdfbffc5ed46136157a71
.zip
Activator.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 277KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ