fdaf088004d69ca56395007f85a48ae0 | Triage

Sharing

General

Target

fdaf088004d69ca56395007f85a48ae0
Size

1.9MB
MD5

fdaf088004d69ca56395007f85a48ae0
SHA1

b3a0f3df74cccb920981f9c681230b4a7f863d7f
SHA256

670aab3cab54c4854355bd25a6aafccbea7a1646c95a36c4b908694dc652dbf2
SHA512

fefcc849a4707fb936678e1602525c90c8e57257cd8fa13da155928a6a48c682eea462bd3b66f3ce0718a41348630f5b3e81fa786713ffb884f34bb67f561505
SSDEEP

24576:nFUveDKclqJOYUlvKRXizQo84nmg1v+yHJ8bJPY/Wv93t0SmFeIpIE4E2U56cLkm:nkcvKRynfqtPbYJTTuYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fdaf088004d69ca56395007f85a48ae0

Files

fdaf088004d69ca56395007f85a48ae0
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ