692ca8d3c20724cd95ade0e419545ae9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

692ca8d3c20724cd95ade0e419545ae9
Size

5.5MB
MD5

692ca8d3c20724cd95ade0e419545ae9
SHA1

d1728e8f753b036d27b83727dd5d451cdb7fd30f
SHA256

fccff838c8caf50bddef666386f3c1ab6ffaaa9f0447aec6e486a92b4822be60
SHA512

99545dc6e761db4a7123142589f962ad9d71ded3cdfbdb85f9d30830d8b14e171f2b512265ae2bcd542030960718dca4ed5b6812edb9208e993d567fcac6f4fc
SSDEEP

98304:k2PtGaCMeOGlpGp07V5f/Fum5F8PTjGipKtcq3Lwz/c9s:5EawOG7GpEV5f8mzUTnybex

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
692ca8d3c20724cd95ade0e419545ae9

Files

692ca8d3c20724cd95ade0e419545ae9
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 155KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gofpmbue
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vcodogcr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE