SAMARINDA VIP[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SAMARINDA VIP.exe
Size

1.1MB
MD5

fde4bee8846dc26736b66e0942fac456
SHA1

9d3552c6e2d895aff0ebd95b1bfe9b34e9ac9271
SHA256

7e417a07a77949df150657dea3379332e2a1040b85f068069b84b60ed941030a
SHA512

d03cdee20d8e6117397826b00c9fa1a9ad8996e5df144da22791c1cabe26e0205c31b328f25c5d9a04c622d6949d2dcf9669ca38fc2ed3df88aecbd840e7a894
SSDEEP

24576:gwm/970HRIsNBRfW5gEeFVYrtTOe3SNymT2xjAorEH7t:gH/9gHlNBxhEeLYpOe3vxK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SAMARINDA VIP.exe

Files

SAMARINDA VIP.exe
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1023KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE