648c87b2e0af210546dc081447cc6259bbf5827ca075284abdf0aacb480ffeb5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

648c87b2e0af210546dc081447cc6259bbf5827ca075284abdf0aacb480ffeb5
Size

2.2MB
MD5

434320693050167d8499d79271a58a50
SHA1

b9e0a75ee1ebd02b8871dd063c27645ea7642f10
SHA256

648c87b2e0af210546dc081447cc6259bbf5827ca075284abdf0aacb480ffeb5
SHA512

0fd7f6bddd51b6b64799d4286b909e808d0f42a7797eb8852123307551d5d80116c87d96e762c7e9cd3babf14629f989d06fe8394ab9b50fb2dec260129c5784
SSDEEP

49152:IVE/vy+B1YHlz07SgzCi29+m4ZtNEvUMSqV9xfBR4Dz6Wl:IVcVYH1024mcELS29xfBmz7l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
648c87b2e0af210546dc081447cc6259bbf5827ca075284abdf0aacb480ffeb5

Files

648c87b2e0af210546dc081447cc6259bbf5827ca075284abdf0aacb480ffeb5
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 570KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wqczwvpe
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kjyowjwb
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE