2d2d63ec3c9c084f5afa0e761d75521a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d2d63ec3c9c084f5afa0e761d75521a
Size

3.0MB
MD5

2d2d63ec3c9c084f5afa0e761d75521a
SHA1

41b252ced0982c8c001bb0d01a940b36179ca9a8
SHA256

868f78c7dbcac0d1db4deeb8bfee986901df0f2a86ccd02fb110e2b8ca8c9dec
SHA512

31b3fda9c73cff080aef3b4e87cdf7a6b2692d8ea15ba1d7f7d2ce754729b608492ddfe2024c9f46a0da11d0dd6abe9e9ce9a613037e2f2f3f0a75e43cde2f59
SSDEEP

49152:f0GnBdeRx0SAAY3vfd6KJvf/Ne/KwHNumiQMuf/xGkuJtNnFKm24bVZ70eJ0:f0Gqx01VfMevf/wKwG7u/mF+4pbO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/galaxy.exe

Files

2d2d63ec3c9c084f5afa0e761d75521a
.rar
galaxy.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 8B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url