044afe0fb3ceefc51f0d8c7aa9506fa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

044afe0fb3ceefc51f0d8c7aa9506fa3
Size

3.4MB
MD5

044afe0fb3ceefc51f0d8c7aa9506fa3
SHA1

c46fe6b181408f8f4308a4da6579b89b024f7273
SHA256

b9936494de2b2c86c4f5778bcf342bad05a5eff93b09e1ff850da76e4af2e788
SHA512

0333722d94d47f53afdce94d4af82c193c6795913f84e898825bcf21e76f0153c7e1780e49a2cea3e9370b8d44c7384f4335ab3ee747734b23edd9218cc500a5
SSDEEP

49152:T7FYXJkbhOGoVN0cBQ9tW9L0OtyDEB9MxxkU1:CZyhOGoVmcC9GyGiP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
044afe0fb3ceefc51f0d8c7aa9506fa3

Files

044afe0fb3ceefc51f0d8c7aa9506fa3
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 169KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ