ПСПК-2404[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ПСПК-2404.exe
Size

2.2MB
MD5

b01c1bed5023072bfc77eff32b9ef400
SHA1

d84aee15a00440e609ae0226a939c00c650fe36a
SHA256

b1baf15f339d67b3d1788daaac03095cab9ee52583a8183414f0d5bf55335e2e
SHA512

12b303e151f282da6748a80fa0bcdd9591f142fc3cfbb3b0fd91ae78490f8742fe0303908775c26ac71a7dd69b0c92eecb00915e3e179446d4206860d3e2d2ff
SSDEEP

49152:EVcHqnyx3ki82WqcRd/bjegQMGhRnB47YMbhZw8UmOj7j3:IqqCv6qUd/dQMGhRnoZXUb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ПСПК-2404.exe

Files

ПСПК-2404.exe
.exe windows:4 windows x86 arch:x86

3c0e70bfa5f73f1f1cef484e2bcb5bf8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

MessageBoxA

Sections

svn.data
Size: 204KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

svn.data
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

svn.data
Size: 39KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.9MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

svn.data
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE