de2e4b078aa52a7f41329a4da888a3ffaf6ec389a242c35bf6e83130ae4d7654 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de2e4b078aa52a7f41329a4da888a3ffaf6ec389a242c35bf6e83130ae4d7654
Size

77KB
MD5

bbfa9527135bc9d481bc7e3578734fc1
SHA1

1ef253d4bd799f9801b35ba92662a7b5c20b2301
SHA256

de2e4b078aa52a7f41329a4da888a3ffaf6ec389a242c35bf6e83130ae4d7654
SHA512

d7a4491d81cf0a2e9021b82ac2d2bc9465a29fbf97e8d2969591e45f074ab644263c52f6c3e89c2d91d374159abb9c06b79260c2e1f865aea61d2c5cbb1fec7f
SSDEEP

1536:hhEn6eVc7mDDT/rEeOS5A3JaX4S1pFSbLNAlK50AicC6Fia:fEn6eqm37r7O53JaXH4fNAA3k0ia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Extract 12-Word Secret Recovery Phrase.exe

Files

de2e4b078aa52a7f41329a4da888a3ffaf6ec389a242c35bf6e83130ae4d7654
.zip
Extract 12-Word Secret Recovery Phrase.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ