329023-323832-329323[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

329023-323832-329323.exe
Size

138.6MB
MD5

9bc5bcb12559bbe495d324b2b58dc1f3
SHA1

dab686ee9c2960c5ba68ccc8b29380768a067173
SHA256

fefe2ea144ac18e5cef8940e60bc3e9bc999ebe205657685106507a41b98c722
SHA512

5bdf01343c70498c0097a09704756db2c4973054e3f4f4c7a4ec31588b70ca3023751a1a361de4fa78e8447f79ee252bf59d85f7156492fd9f71229ce40085ec
SSDEEP

3145728:F1igRX8y0pdxgAMxYfLTMTdiBTW0uuEc+OOCOJ+UY7N2+TR:F1t8y7CLTadiJPwMU+N2+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/USB/EFI/Boot/bootx64.efi

Files

329023-323832-329323.exe
.zip
Desktop 2024.01.21 - 04.02.12.20.mp4
USB/EFI/Boot/bootx64.efi
.dll windows:0 windows x64 arch:x64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 498KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USB/startup.nsh