d139566bc99ae20a90e6638fd042369cdffc6f1416f1739849072b8c6ca54c92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d139566bc99ae20a90e6638fd042369cdffc6f1416f1739849072b8c6ca54c92
Size

1.2MB
MD5

55bb21d8d70e6eb3f0f40687fab4066a
SHA1

63d67d75187f5ba3f1348e431cb7d0668b5ff54a
SHA256

d139566bc99ae20a90e6638fd042369cdffc6f1416f1739849072b8c6ca54c92
SHA512

f52a52380acede55dcda60e2c5ea59502b76d6c8a86be29b30f8ff0203bfee71df47a16e24dcb87161cae19e4c81abb72dfcb18b62849e6e645557c1ba4a1f08
SSDEEP

12288:vFugridwdA9MT8p67IQzMtb/kWzcoW6BFMYYkm78SityjK:tu8OwdBT8p67ZWJBF4978dH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d139566bc99ae20a90e6638fd042369cdffc6f1416f1739849072b8c6ca54c92

Files

d139566bc99ae20a90e6638fd042369cdffc6f1416f1739849072b8c6ca54c92
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

KFYJ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 188KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ