Confirm!![.]rar | Triage

Sharing

General

Target

Confirm!!.rar
Size

702KB
MD5

4662d7133528bf980c6b1f6a7865b0c9
SHA1

76ed3f2e80b0520a4d6f38537319e8e85650d5e8
SHA256

79115213cd51631d50fdd6d76f5d5825017ff0f01e7c8a0f4d72e1c626d912dd
SHA512

d30b2dbdf0e02575cb48d044a0d9fb6b0d72a3444b8359252697c17e8fd5e7117ab2bb582ecb1eb9930d8b4a465909f3539139d444200eea1e0fe2b2e09f3c46
SSDEEP

12288:2kY0iXbGG8SH0dJQ4DbqpYJpzE9d7QmcMMFe3uC8kTKC7Pzvl81UleDtxeFTc9z8:2kY0kGGh0zLiBKMIe34crzvozRxeFA8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Confirm!!.exe

Files

Confirm!!.rar
.rar
Confirm!!.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 816KB - Virtual size: 815KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ