9066bf885cd72e46771654d0d8be15d3 | Triage

Resubmissions

05-02-2024 19:28

240205-x6tp5agfhp 10

05-02-2024 16:28

240205-ty322scah7 10

04-02-2024 23:08

240204-24qb5sehfn 10

Sharing

General

Target

9066bf885cd72e46771654d0d8be15d3
Size

201KB
MD5

9066bf885cd72e46771654d0d8be15d3
SHA1

13afce866b59c99fa0319b7f204e6b6828d4b22c
SHA256

ad90872dfd4b64dfbff9c38d36bd8b1fdb4173a14e84ad9d151d56d36dc87d08
SHA512

ed55f1e9567c5076172f9037a6487fe406b0a87ecb7f8cc892a2e2d1cd9a2d832f7286d286dc90b85de34ecc0216309e5fe658c9c14cbaf07d4e1a4df42861ec
SSDEEP

6144:Cz+glrx25snmJr/TqRd4y/Nns9ImK+BqIbsJHo57:Cz+glrxcsnor/mRGmsCt+BqFxod

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

9066bf885cd72e46771654d0d8be15d3

Files

9066bf885cd72e46771654d0d8be15d3
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\exo\Documents\Visual Studio 2010\Projects\sdmfgnoitw\sdmfgnoitw\obj\x86\Release\grgrrwe.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ