SAMARINDA VIP[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

SAMARINDA VIP.exe
Size

1.1MB
MD5

07c04447743c398d1dcc5ccbd16a21e9
SHA1

dbf6827c34f2a54c44564cb73d74cb869545c7da
SHA256

543a7c3c20043c00d55dc1837188cd5c1c3c3df39ebd0aaf6abf37c061713931
SHA512

4b39c10496bc879a75ed6632ea363aaaa3b286fb2d5cf6c7589adc789003f436f6e15e6f151a6c6063bc5da40718789eb0263487ea95fad3802043b370a195f3
SSDEEP

24576:gwm/9iHRIsNBRfW5gEeFVYrtTOe3SNym22xj5orEH70:gH/9iHlNBxhEeLYpOe3Cx6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
SAMARINDA VIP.exe

Files

SAMARINDA VIP.exe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1023KB - Virtual size: 1024KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE