9950af9e2e75196ad029324ff8dd2b36630e7d18a49407f0422150847944b888 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9950af9e2e75196ad029324ff8dd2b36630e7d18a49407f0422150847944b888
Size

1.9MB
MD5

edc3794417b6bcbcdcf45595f72ed6ef
SHA1

602994d5066b529e349c808a24a2bd24f373ac9c
SHA256

9950af9e2e75196ad029324ff8dd2b36630e7d18a49407f0422150847944b888
SHA512

f0d02cc6bebd78501b350d0875d9290cc5f438868f6df1252d4b5d908784fe18199b3747a874c51c01c720381187f0f7b17c30eec30642202c8f0bd6c29979a4
SSDEEP

49152:yy5er9fzkC23If2FSlETkfVoXJQ/MdPan6lGzH:y4QufEqJnM6lQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9950af9e2e75196ad029324ff8dd2b36630e7d18a49407f0422150847944b888

Files

9950af9e2e75196ad029324ff8dd2b36630e7d18a49407f0422150847944b888
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Exports

Exports

Start

Sections

Size: 562KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ahadywor
Size: 1.3MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tptyqpwq
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE