decdd13661e2cfdc00ce9f3cdc1e5602960ed620022aa1fb7894cdf1bb15b677 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

decdd13661e2cfdc00ce9f3cdc1e5602960ed620022aa1fb7894cdf1bb15b677
Size

1.8MB
MD5

60396068f6e960003173c9c3c8457dea
SHA1

e03ccbfc85695e45657a17d67fdc07b724138013
SHA256

decdd13661e2cfdc00ce9f3cdc1e5602960ed620022aa1fb7894cdf1bb15b677
SHA512

5fc959c6f931b7ea05b08d53fbbba4e659d1f035201fceb2dabdeb7321942e1290b80e4338348ea8c5d7ef0d53f75ae7534e3c181e458d85a1c691ebaaebcebc
SSDEEP

49152:TeYB311f14t9AxUY4O0+zFTMKJS1ZSO/:Teis+FMAO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
decdd13661e2cfdc00ce9f3cdc1e5602960ed620022aa1fb7894cdf1bb15b677

Files

decdd13661e2cfdc00ce9f3cdc1e5602960ed620022aa1fb7894cdf1bb15b677
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zlgnhcfy
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gteymbid
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE