vaultFile7494906008829096493[.]exe | Triage

Sharing

General

Target

vaultFile7494906008829096493.exe
Size

24.4MB
MD5

316213c6c37cd4a79f7391e228871bad
SHA1

112b5f4812e84cf98f476c041a99d462ec183c8f
SHA256

b5c7ccd5354e20fa244581b70a679d0a91f08c3634d09b9a8ffbf130258c30b6
SHA512

6bf74e2c7541c11de05d256779e7160aab8ea773587dd1e5620ec08268972c2eaf666ba89ff15a9be582268ea4e4116902f1869738057981c1c18ffd0ab6b1f3
SSDEEP

393216:OrohOyMjBoiDBsVz3CSwBLwCt+w+SbGgX2ndHeyDvxkJdydJgFqHJT/dT50HoXJa:co/RCSwBLdtySbG5d+YBdJgwZ/x6Is

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
vaultFile7494906008829096493.exe

Files

vaultFile7494906008829096493.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.code
Size: 213KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 584KB - Virtual size: 583KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16.6MB - Virtual size: 17.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.modplug
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wtext
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ