992033958cda7a40755eb253f4053cc7[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

992033958cda7a40755eb253f4053cc7.exe
Size

2.2MB
MD5

992033958cda7a40755eb253f4053cc7
SHA1

fdb0e54245470964d045add72029aa6f82f8ae2a
SHA256

917358d5c2468b323d4cfe966f4f18bb0d4b24c81eb5c70b18347a28f668f8ce
SHA512

cf6407d99b5c4d525cbf5e7607255e0e1229c962c67121d2543b379f1cf6b7cdcdb1ff64b4dab7858defc4e0cbbabd0104c2515608a020e27246526d619610ec
SSDEEP

49152:fKrCuFr1on4OTKWdVgjHL8SzgA66nFpt0O+U7WWc:fQknDHduESzH9mU7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
992033958cda7a40755eb253f4053cc7.exe

Files

992033958cda7a40755eb253f4053cc7.exe
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 570KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rikwepfy
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fygohiml
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE