05324e328aca9aaecb9b1015c12c4481bdf07471622a6e339191d1fb54782c4d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05324e328aca9aaecb9b1015c12c4481bdf07471622a6e339191d1fb54782c4d
Size

81KB
MD5

395b0982aea7fe1afbea588f50ea1565
SHA1

fb98387268df56c6399bdd567a69e7fc3305124a
SHA256

05324e328aca9aaecb9b1015c12c4481bdf07471622a6e339191d1fb54782c4d
SHA512

a922407ad9a319fdc6c4f1075573f6d60eebdfb81378a8d9ac7a5f5d74f2d803c9683c69dd2e9591507fe3e07da0883fdfa3bf5964e79a43acb9d3b9afeb5b90
SSDEEP

1536:ji3tF3382tp7nc7cjM6tFGerQTpEI7Ht/dy24UD2nYsM:W373s2FjPZELe24UD4Ys

Score

10^/10

Malware Config

Signatures

Detects executables packed with RLPACK 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_RLPack

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05324e328aca9aaecb9b1015c12c4481bdf07471622a6e339191d1fb54782c4d

Files

05324e328aca9aaecb9b1015c12c4481bdf07471622a6e339191d1fb54782c4d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.packed
Size: - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLPack
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

s6rwe081
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

6i2eu9uw
Size: 13KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE