1498aa06d03f8e89f0b36c99807799a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1498aa06d03f8e89f0b36c99807799a5
Size

2.7MB
MD5

1498aa06d03f8e89f0b36c99807799a5
SHA1

61a4270d72786cdabfbb236b21ffc587c3a77839
SHA256

85a805d44caebda711d8b0301503d4d44eb94daaac9935ad4754ee7c63f05e8e
SHA512

3d9c87acffbd3c7a3624fab9010c43c06bfaff93c6c2e17be695489c512aac6a786e3be0d7bf8201ecf60bf6376593512302a4a65ec7d4f6409fa0be6265062f
SSDEEP

49152:0TcFjqf7f5GpQgqWN88BdirMUqDneXCycs827W3S95tcchokoG:SWjWbUqgqW3zir7qDneXCyt827maIk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1498aa06d03f8e89f0b36c99807799a5

Files

1498aa06d03f8e89f0b36c99807799a5
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ