1d782596f995c6ab34d85d6d4e96a654 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1d782596f995c6ab34d85d6d4e96a654
Size

292KB
MD5

1d782596f995c6ab34d85d6d4e96a654
SHA1

9d94bc468fdb258a052a88f8860625a191e3dacb
SHA256

8e5af2672eae52c068343ff1a303ed64572ab5f9e42525008f66c60eb7f74360
SHA512

fbb164eac87afa4b1504083299cd92f956a0286447a9a9c4b432b0f68024f2aec762b747566f8141c1db6c653cfd2c651b731f4e3d95ba9223a597943d564426
SSDEEP

6144:e+HE8C3sLOt1KH6ZmHwsoSVL/FL20Nq/C6ZPvRMYnXS7rQbSn21pMhtZ71V:JRLW1KHomHwsoS2ZnFRHXS7rQbSKpQZD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/InjectOnFireGO.exe

Files

1d782596f995c6ab34d85d6d4e96a654
.rar
InjectOnFireGO.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 587KB - Virtual size: 587KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ