ff715c1f8da954648371c6e73964f1cd9b7d1db00480e8af7ee9d815f99571c1[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff715c1f8da954648371c6e73964f1cd9b7d1db00480e8af7ee9d815f99571c1.exe
Size

900KB
MD5

deff8d72daac5ae4e119ec9294c91438
SHA1

21143b1e3bcb1e25de9d1332e0ec838d52c83c93
SHA256

ff715c1f8da954648371c6e73964f1cd9b7d1db00480e8af7ee9d815f99571c1
SHA512

8c14443ce4650f03373efe25f56fccfb1a7e4cf614c4d08c7a349c131e5d46481108b810fc9bc1068346904effb888e5e11ca63060666ade58b7f0ad27514f0c
SSDEEP

24576:8aZxtO/fZorYIqLkxpLXw1HY+IMrQ4yBu1O:8AxtOXarNqipLAaMrQzBu1O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff715c1f8da954648371c6e73964f1cd9b7d1db00480e8af7ee9d815f99571c1.exe

Files

ff715c1f8da954648371c6e73964f1cd9b7d1db00480e8af7ee9d815f99571c1.exe
.exe windows:6 windows x86 arch:x86

2388fee6ad8ce4f4a35dbaf64e2da01a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

EnumDisplayDevicesA

advapi32

CredEnumerateA

comctl32

PropertySheet

Sections

Size: - Virtual size: 1.3MB

IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE