13cac8771d5bdf04a533f9d4af84f8d0aa240a2cfe85603beb9782c5261a4216 | Triage

Sharing

General

Target

13cac8771d5bdf04a533f9d4af84f8d0aa240a2cfe85603beb9782c5261a4216
Size

1.8MB
MD5

766b871e4a0cb690ef3697fd81f3f2d8
SHA1

ce86761569a375c6dfa22bd5707125b05207e3dd
SHA256

13cac8771d5bdf04a533f9d4af84f8d0aa240a2cfe85603beb9782c5261a4216
SHA512

a32336ad9b4fec2697de85af6404a69f0b9ab0390fb16f7206c2090911afadc60677b72c790e135993048e5663efbbe86b192d020b1644b5ec2db0e8b9d4cc7c
SSDEEP

49152:8o2laJ5uUQi8UU1k60147XalQIhYMNm8w0S/W6:8VaGUQi8UU1kF14TpuKUS/W6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
13cac8771d5bdf04a533f9d4af84f8d0aa240a2cfe85603beb9782c5261a4216

Files

13cac8771d5bdf04a533f9d4af84f8d0aa240a2cfe85603beb9782c5261a4216
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xsuuuxjr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prqsyttf
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE