099b4f784ec9c5623b605d39dedde5cd | Triage

Sharing

General

Target

099b4f784ec9c5623b605d39dedde5cd
Size

886KB
MD5

099b4f784ec9c5623b605d39dedde5cd
SHA1

17f06874471a5e3cc74097d3ec95fb76fcb2b0a1
SHA256

2164bd68a75e54949e43db1a7ca2958f4d44d825dad44cfb48233e9741a3574c
SHA512

db867550acf764ace11d76bf4d725b3e408b7bfc2b61bd76e47769592b28e085915135c28fdc397b1b170ca39afdeec16f02b250a4f0166ea4765e6c18e2f6ca
SSDEEP

24576:sHn1mTeeaqvcedGM8upLbgkTd75Sb8kVNcj:41mSP6Fy2cgkHcj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
099b4f784ec9c5623b605d39dedde5cd

Files

099b4f784ec9c5623b605d39dedde5cd
.exe .vbs windows:5 windows x86 arch:x86 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Sections

.text
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.oli
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE