c9b8e5588c08b3305e99de7fc15ffc5f560b0618e3a94f39c50ed8d88c6bb10e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9b8e5588c08b3305e99de7fc15ffc5f560b0618e3a94f39c50ed8d88c6bb10e
Size

15.9MB
MD5

5835dd62fa30eec3c349a22cead6b58c
SHA1

8b29af485eb24f91f707cd11a76cc317f553dab4
SHA256

c9b8e5588c08b3305e99de7fc15ffc5f560b0618e3a94f39c50ed8d88c6bb10e
SHA512

32ed7b20fb3c5c8fc467366117b50b3be3029fad39eca012fad225f90b5fd053370fb1d08e6daea057c6cde0dac3a76709a08ac32f30177735a681d91f9aacfb
SSDEEP

98304:itPb5qvkVX1iIwAhL6CSHaaCoPTfxpI6SbdAqM99/BOgbu5sXIG/ciGMi:itPb5EE1vho62LxIAqEvos4G/+Mi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9b8e5588c08b3305e99de7fc15ffc5f560b0618e3a94f39c50ed8d88c6bb10e

Files

c9b8e5588c08b3305e99de7fc15ffc5f560b0618e3a94f39c50ed8d88c6bb10e
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 3.2MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE