558b9610971a7c0d0bd2c9a82bf8176a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

558b9610971a7c0d0bd2c9a82bf8176a
Size

1.9MB
MD5

558b9610971a7c0d0bd2c9a82bf8176a
SHA1

15c6d30ccca68c0510630db9166ca720f831f3ef
SHA256

876bc1c11ad8cb468f9aa19ef5f75d3017fa3c21a39d5bed8efa80159e0f9a62
SHA512

493cd4cf0a08fb96dd4ca72ea561c36683bdd3bbae0a6a2154d8f97a6ef1d4bbb0214958de2f4eb834d890c1500ef46a39ac4de7f3a604767665480c6e4bed86
SSDEEP

49152:q+3i2lpHlUIyuVcNmCGsbN3b0slj3n88DOZiNj/:q+3x3FFkmCG49bflj3D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
558b9610971a7c0d0bd2c9a82bf8176a

Files

558b9610971a7c0d0bd2c9a82bf8176a
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

{zr%.QS
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ