117b28e18c3cdee58cee6f5b4c6b708b | Triage

Sharing

General

Target

117b28e18c3cdee58cee6f5b4c6b708b
Size

1.2MB
MD5

117b28e18c3cdee58cee6f5b4c6b708b
SHA1

bf3f7cf88712b01a8123d3836bf19f25b17a70ec
SHA256

b356d0dfecf39874a2bbbe4cae33f580d91a8991860df23314f35950f574485c
SHA512

3a2331e1f7266a262e308eab726ee43127631c7348e7931186d13f54577abb1a18a92d6a6664dc69a9cbe9098914bd0e6173d1adc634a545b9c87b3bedd600ea
SSDEEP

24576:8Shu0Xd9baM1zjL0KfafjvjZLJNWttqmO96tY:8SL7VUfjJWttlO9IY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

117b28e18c3cdee58cee6f5b4c6b708b

Files

117b28e18c3cdee58cee6f5b4c6b708b
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

Size: 111KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 174KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 908KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE