df64ded854d5a1b3739679f82798ec33c79f15a91ae3edb7bd372df59228d2eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df64ded854d5a1b3739679f82798ec33c79f15a91ae3edb7bd372df59228d2eb
Size

2.7MB
MD5

90ac20233b4f1e9a418570cac12f3d24
SHA1

6f3935b51a679026250a09c18eeff2b2a6c75345
SHA256

df64ded854d5a1b3739679f82798ec33c79f15a91ae3edb7bd372df59228d2eb
SHA512

b305e3092f1cfcee571523a7d2466f2f64b93bf22dc455f2168ee5511d23ab4e379b28cae96d11aad9081f6f909c6db9b7fbafe56b5c949e1516d073270a5771
SSDEEP

49152:i83U49KBtp9msoFmg/4czZX1FQEE5paGmln8N4CojSQRpuV+oFz7G:0sKmVFB/xlFQ15p08N4C1eKDh7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df64ded854d5a1b3739679f82798ec33c79f15a91ae3edb7bd372df59228d2eb

Files

df64ded854d5a1b3739679f82798ec33c79f15a91ae3edb7bd372df59228d2eb
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 62KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yyyjptka
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bbbypfdh
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ