02dc9c948d528c45efde3e6cb055035aab404995fa78d4a18eca7f64f66b0e7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02dc9c948d528c45efde3e6cb055035aab404995fa78d4a18eca7f64f66b0e7c
Size

2.9MB
MD5

22ff81626f0077acad54d5658a4fd210
SHA1

198119162782d9a27ec32a4c99d22eb1774bfb29
SHA256

02dc9c948d528c45efde3e6cb055035aab404995fa78d4a18eca7f64f66b0e7c
SHA512

6bf49daf38362d27bfff56d541f079e50e2b49a266a900876b06b8ce945605ce53343ebe931628fede57996092764700682ebeb2485d2fa6ffb33cd4bfef6f1e
SSDEEP

49152:GPME6zTwmFSItPohXP6dI/ngXw3Qyns1WVbjhZO:GZ6zT9QUPgP6S/gXw3QOsYbjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02dc9c948d528c45efde3e6cb055035aab404995fa78d4a18eca7f64f66b0e7c

Files

02dc9c948d528c45efde3e6cb055035aab404995fa78d4a18eca7f64f66b0e7c
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 573KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bndfgvrz
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gtwcrwrs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE