c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60 | Triage

Sharing

General

Target

c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60
Size

745KB
MD5

a2fae54266cb96924d3a16fef3b39122
SHA1

4b0507361804b6579d80642f3375604690bbf07b
SHA256

c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60
SHA512

f94578821bf2755bacd9cb668f8df3554e4a7e7247eca32a3814abab7180d2060ed4a77a76fe12130c1aeba09bf95ac9a3e896ae4681ce2e9cf28951331c81af
SSDEEP

12288:Hdyr89smmxgbHwwTkOk9SmRBR0dn2mL/8iHsbRgTsI0rtAjmaY:Hd+gfawTJatOt2mouGaY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60

Files

c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\Fallkyriya\obj\Release\Fallkyriya.pdb

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 133KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ