5344876d9ad44ad25a552df51cd64df1d6af1f54f072f518a7d8895742c969ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5344876d9ad44ad25a552df51cd64df1d6af1f54f072f518a7d8895742c969ca
Size

514KB
MD5

86491378fbc2c833418160efd4d484e2
SHA1

47520b4f47a27f954d010af046d7e7d8d60bdc07
SHA256

5344876d9ad44ad25a552df51cd64df1d6af1f54f072f518a7d8895742c969ca
SHA512

32994d861dcb9faeb869165e7051221ae70c55c6a4646d31aaa55e382f1c3867c294dd7675cd4213608d7fa6f3111cdaca9c25e21ecadd1e19e144fcb7a54a5a
SSDEEP

12288:jL+dH2wVJyegu0tY/NR+Mu7xbUZLB+Sg5bfOGjioZXAZX:jL+dH2MS1yLu11SGRZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5344876d9ad44ad25a552df51cd64df1d6af1f54f072f518a7d8895742c969ca

Files

5344876d9ad44ad25a552df51cd64df1d6af1f54f072f518a7d8895742c969ca
.exe windows:6 windows x64 arch:x64

79b3362178937bf9559741c46bb9e035

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 379KB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE