1ce23770d7c8354750506de5e61836305ea6a734276617b0791977532a0c91af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1ce23770d7c8354750506de5e61836305ea6a734276617b0791977532a0c91af
Size

347KB
MD5

1d4cf4707d996a1888e4d50235dd3f38
SHA1

6eca1656799a3e32cd49b06d6dd7b57236bee5ef
SHA256

1ce23770d7c8354750506de5e61836305ea6a734276617b0791977532a0c91af
SHA512

860c7d83eb6636ce8d23dcafce3f29eb6420ac81db451e713c58dbb0b00e8ba5aa0c5263e1be3bf4f897e47e2506224201fa4d7dc83f5dd680b0425e765d8c5c
SSDEEP

6144:q2ICcfipHq7sXUmdGAyreUSVyK/or3OZ5FnXO0IZZb1D5lGcVk8:ZICRpHq7s9RGEVyKqk5FT4b1DzGyn

Score

10^/10

Malware Config

Signatures

Detects executables packed with ConfuserEx Mod 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_ConfuserEx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1ce23770d7c8354750506de5e61836305ea6a734276617b0791977532a0c91af

Files

1ce23770d7c8354750506de5e61836305ea6a734276617b0791977532a0c91af
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

},Z
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ