c2a69dc2b7c725baab3b12bf4a53df8f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2a69dc2b7c725baab3b12bf4a53df8f
Size

440KB
MD5

c2a69dc2b7c725baab3b12bf4a53df8f
SHA1

da30780b614c97873166765fe12d27e1f37016e5
SHA256

39d57edb8bc375d7dc3ef4c5297d35cf2546e75ba605d35a71fddfc5c3c8c248
SHA512

83aa77e4abc77d465e45b329979c6bf91191747d9888852c83a1030f89c37ad11bce9cadc72ec89d9fb7d97b4c245cd9a1040e092090142b71547b693e94d8bc
SSDEEP

6144:YSEzFY4WzzzOdXd9NPKIGuW7mcnpFs381Cq6ontXR3aXrPKUxDhjLtaPJfOf:DP4WzOJd9NP5rLd/onz3eNxDhiIf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a69dc2b7c725baab3b12bf4a53df8f

Files

c2a69dc2b7c725baab3b12bf4a53df8f
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\Adrian\Documents\Visual Studio 11\Projects\DataProtector\stub2\Project2\obj\Release\BullGuard.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 159B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 400KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ