265814fa12f815634ae99f4d5819579c67e875b2c59b945979dc89ad5c85d75f | Triage

Sharing

General

Target

265814fa12f815634ae99f4d5819579c67e875b2c59b945979dc89ad5c85d75f
Size

1.8MB
MD5

69f38f993bb9f5efec0dce2f949db6a9
SHA1

069577e0e9154ec476b541bf0614c127481e59d3
SHA256

265814fa12f815634ae99f4d5819579c67e875b2c59b945979dc89ad5c85d75f
SHA512

4064492171d5c0e4dcaf578f5e4d84964476ab590bfb35689896ca467274b8440e041c8acd48cf5ec39830ceb5753ba99921a5b43f037b1807ddd635e82e4a8a
SSDEEP

49152:j0B6KAY0H3afEKBB5YYdedbRwvyF9lOMJzVhIbFvQe4:j+63YQ3CEaBAdZOWzVuI7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
265814fa12f815634ae99f4d5819579c67e875b2c59b945979dc89ad5c85d75f

Files

265814fa12f815634ae99f4d5819579c67e875b2c59b945979dc89ad5c85d75f
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zskjtuht
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wgxmedct
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE