7bb089eeb9db51b48db6f3d37afa6e60 | Triage

Sharing

General

Target

7bb089eeb9db51b48db6f3d37afa6e60
Size

2.4MB
MD5

7bb089eeb9db51b48db6f3d37afa6e60
SHA1

4240e276c6ce23ed8b3db937722bc8a93ec4d3f9
SHA256

2d225148f14c7ca01ef8c7f90ee5f3c3ba578f6f5c2552317810997041c7aedc
SHA512

41c55ddd9ac5264ee431c0902f989e0d9d2e1bafd08baa04ad473504aea4d5d6b9e774c78aa32f938587ed38c74ec93667b8fe378e8fbe00de9c41d00d2c620c
SSDEEP

49152:9m2kO6Tuw4/i0JXlo+A+/CphIU/K/2ZMf63:9N6Tuw4pXlE+/Cc4q22y3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7bb089eeb9db51b48db6f3d37afa6e60

Files

7bb089eeb9db51b48db6f3d37afa6e60
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

BurlapAppCall
DoPrint
ExgInstance
SetGlobalObject
ShowChangePwd

Sections

CODE
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 267KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 167B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 20B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE