01283d03302f2edd4960899e0054084b264f59d951ee9f3bf38f7d50d43a8a20 | Triage

Sharing

General

Target

01283d03302f2edd4960899e0054084b264f59d951ee9f3bf38f7d50d43a8a20
Size

1.9MB
MD5

bf765192fb7e18bf2c9025248d43906b
SHA1

1083b78af5811beedf7d4e0f8c7dcb742c531b83
SHA256

01283d03302f2edd4960899e0054084b264f59d951ee9f3bf38f7d50d43a8a20
SHA512

85bb10c7045a4b28a07eb1aa9d576910a8849433d29a9c0079e173a3d5eba33b6b4755ef4527b94e83f9229546b638e3871ae2758d08b879959c8998a3e52a39
SSDEEP

49152:jIS2DUkA/ZCcWeLrfU671Jc4BvvXoCR3BbAbmlM5:PkaZdWeLLj7jcsJAbF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
01283d03302f2edd4960899e0054084b264f59d951ee9f3bf38f7d50d43a8a20

Files

01283d03302f2edd4960899e0054084b264f59d951ee9f3bf38f7d50d43a8a20
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 186KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lwcquwbi
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ejhileam
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE