870d39d3b720ca256633a4223a6120be55255a08e7d268c911c5c469cb5fec04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

870d39d3b720ca256633a4223a6120be55255a08e7d268c911c5c469cb5fec04
Size

3.0MB
MD5

df078a5482fa58a23d20cc8a853b2c88
SHA1

dd55a8d38ed64c6ed248a7a1d4679ca4f475bc04
SHA256

870d39d3b720ca256633a4223a6120be55255a08e7d268c911c5c469cb5fec04
SHA512

1b5322078facebfd1d3b5b55c8eed74b9e0b10d7be66912ee4f7fa52c5ed0052c4923c98155922e2b9a09ac3b0a844b87bb5e0ccbdd723003772dbf20f5331b6
SSDEEP

49152:JzeuFRnDvHg2H/TbHYUuNNcfesolQQoSDQmxn3vSfrCpFDH:JzeCRzHg2H/TbHGNNcWs0QQoSDQmVIe7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
870d39d3b720ca256633a4223a6120be55255a08e7d268c911c5c469cb5fec04

Files

870d39d3b720ca256633a4223a6120be55255a08e7d268c911c5c469cb5fec04
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 573KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ulztztgn
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ftumzlrr
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE