cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886 | Triage

Sharing

General

Target

cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886
Size

1.8MB
MD5

727c54fa3a9c67f729c897be63eb2ee0
SHA1

c94e05a7dd1573c0df9d2f8e9a2f1e10d0174c23
SHA256

cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886
SHA512

ebf23a591fc7a602e9b1983ea54b724bdc455a4ef2e1ab40117f44fae66c5c249d34ec8809798129bdacf1a6c03f8aefde4c1bd8a4b4cea753b1dd267bee196c
SSDEEP

49152:c3aSs2sPNe5AMy5w0e8VfQI/K3XAZodvOh:GyPglrn8OIydd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886

Files

cd91b436df70efb3b0d4cf141d257282ace5d9daa990161b85d46d266514e886
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oboziegh
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ptqbuzdq
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE