ff48d202c6823a0faf99484685016f3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff48d202c6823a0faf99484685016f3e
Size

262KB
MD5

ff48d202c6823a0faf99484685016f3e
SHA1

cc075fca2d1e21f5838532027e9522f96cad67f2
SHA256

783946dbebb844013f99131b31ba2bc5a5fce1d49ea08a46037652950ce702c8
SHA512

2aceac5ff4de2223f839e44af1b1f3b38ac457f336ba06548b2d59bebf302ae86f2df43b5e765e24a6e98d4a799eebb9f6fd417f9085c9acc15c11b3665d2269
SSDEEP

6144:pbeg9ZMTpDPIJlyTOaL9oE0xJlDjuT39W7AMpj2CTVEnW:1h02EtuxnyT39W7AMpj22EW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff48d202c6823a0faf99484685016f3e

Files

ff48d202c6823a0faf99484685016f3e
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ