390aca1039f733c79cd5f4c863880ff5b1d1612a0a83e9585f62b0d9fb4b2e58 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

390aca1039f733c79cd5f4c863880ff5b1d1612a0a83e9585f62b0d9fb4b2e58
Size

711KB
MD5

e3fb71a491eae2880a652ee94753bb9c
SHA1

5c6c2ebb115ecfe4a409f234be99f8f658fff7f9
SHA256

390aca1039f733c79cd5f4c863880ff5b1d1612a0a83e9585f62b0d9fb4b2e58
SHA512

fc2de958ebf16f8b2f1dd97a21b955871eef58e3d29cb7778ade38a873699127ed0f907ae3a4a228128b8ff95fb6b2c10181ae1f4876bed61c566144bcd770cd
SSDEEP

12288:PDYz8wZSxmJvMtjCU1/s+hmsCs7dnvhgwEeB1vRF8ltL3qZVbOUZiTZ3:PkD7JvO/Xmg5gwEeB1vC71ll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SOA.exe

Files

390aca1039f733c79cd5f4c863880ff5b1d1612a0a83e9585f62b0d9fb4b2e58
.zip
SOA.exe
.exe windows:4 windows x64 arch:x64

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
__MACOSX/._SOA.exe