20b5e7cda493e50ad747c4ef2fccbe39a6cfb87fa51171d3041c45c48f38fac6 | Triage

Sharing

General

Target

20b5e7cda493e50ad747c4ef2fccbe39a6cfb87fa51171d3041c45c48f38fac6
Size

3.0MB
MD5

79572e9568b6596fcdb3e4a28c5183ee
SHA1

e0e36069aac76e221973c7e53ca3a6e38f6a2662
SHA256

20b5e7cda493e50ad747c4ef2fccbe39a6cfb87fa51171d3041c45c48f38fac6
SHA512

bdcb1e3bc5a5f41851ddc960bc0a026441f663c5c99503b0587c8234d5c9793839e9c12de85f9785ba14b21c0e21b9ce4c0a0e29c6b1b03f805ca6341c776bfd
SSDEEP

49152:yHpg7U7f7z+ugX1nHZwOXaBG4IF5GuV6QC+tEcF3dtaSCrL5:Agc73gX1tqcgVQfH3dYr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20b5e7cda493e50ad747c4ef2fccbe39a6cfb87fa51171d3041c45c48f38fac6

Files

20b5e7cda493e50ad747c4ef2fccbe39a6cfb87fa51171d3041c45c48f38fac6
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 1.3MB

IMAGE_SCN_MEM_READ

VProtect
Size: 616KB - Virtual size: 616KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VProtect
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

VProtect
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ

VProtect
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_MEM_READ