f9d9ff920e2528d29632e7f1f9c421b8754d8f55095863ba46524017bbac5cdb | Triage

Sharing

General

Target

f9d9ff920e2528d29632e7f1f9c421b8754d8f55095863ba46524017bbac5cdb
Size

1.8MB
MD5

ae3ae8e7d49b083bb73af27b0bb1da3c
SHA1

4f2e8963d8745284315f6be2fb56c71606ab3f50
SHA256

f9d9ff920e2528d29632e7f1f9c421b8754d8f55095863ba46524017bbac5cdb
SHA512

6452d5aa698f874a6a427b3c13cfeebcee8aaf6aff5e671c6705dd033605748273452525b89fc128700f29d7e393cc81a3027e1dc5f91f13ad30e65a410ce2a1
SSDEEP

49152:D1rDFyR+9AhvdzBT/fm7NE+Wo//DkD6qYVBlDAPjZa:D9xAvX/aNE+WKkWqOY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9d9ff920e2528d29632e7f1f9c421b8754d8f55095863ba46524017bbac5cdb

Files

f9d9ff920e2528d29632e7f1f9c421b8754d8f55095863ba46524017bbac5cdb
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 186KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bndzokqi
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wmkbxxrj
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE