191ee8fddb80707e4bdb4f13979d521aca69e521aafd0b18736506c789ae2553 | Triage

Sharing

General

Target

191ee8fddb80707e4bdb4f13979d521aca69e521aafd0b18736506c789ae2553
Size

327KB
MD5

0ee8066c8d05d53e5c1e93eaac264542
SHA1

bb9ae1109a0d02bd01ad2c29806add30fa01a247
SHA256

191ee8fddb80707e4bdb4f13979d521aca69e521aafd0b18736506c789ae2553
SHA512

3a87db3b6c853cfc07fe085cff60107e7e9e70b34b269027053777be3932c7eda22c83c13f61a7337de3862929482460ea49ea3a0b7588c799c842463a8efd81
SSDEEP

6144:+eTSPhzEBrFDC9/9gh92fZjWHcLdP/ljevLjQGWxylRYLDODv9QJ:zeBEBrFm9/9xZjWwdP/lyTj5WxyOgi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
191ee8fddb80707e4bdb4f13979d521aca69e521aafd0b18736506c789ae2553

Files

191ee8fddb80707e4bdb4f13979d521aca69e521aafd0b18736506c789ae2553
.exe windows:4 windows x64 arch:x64

08d4427fe002789dcba3b83243e1fbef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

shell32

SHChangeNotifyRegister

mscoree

_CorExeMain

advapi32

GetUserNameA

user32

EndPaint

kernel32

GetModuleHandleA

Sections

Size: - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 462KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE