a2449bc80cef9117c5afeae850fad00f671e3ddffe8c0c4f32328686dead719a | Triage

Sharing

General

Target

a2449bc80cef9117c5afeae850fad00f671e3ddffe8c0c4f32328686dead719a
Size

3.0MB
MD5

4828abd9d1245036b5193268ef6ba148
SHA1

0e8b3a3e2e5ea4b4714cd9fc1fa697a90ca1a164
SHA256

a2449bc80cef9117c5afeae850fad00f671e3ddffe8c0c4f32328686dead719a
SHA512

89f0a89406e5976730f02d18b04da4326beefec40061700fb83f9d3abafb8598d94bb5fb49435e4cf601797d50aac78f016c16f5bdc294397bdfcff70745b7d2
SSDEEP

49152:F2N+qwpn1I3BqbMmT4GH/NQ7YbOPLHBNdr5M76WOwHUQ:g+98xqbMmT4GH1wYYx5M76WvHp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
a2449bc80cef9117c5afeae850fad00f671e3ddffe8c0c4f32328686dead719a

Files

a2449bc80cef9117c5afeae850fad00f671e3ddffe8c0c4f32328686dead719a
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

Start

Sections

Size: 574KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zjmspsgn
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

urighjtk
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE