8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25 | Triage

Sharing

General

Target

8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
Size

2.2MB
MD5

c06b16ec7232eed0e758312f25d276b8
SHA1

bb8eaa4f3a2b6beb82f6566522630c31f8977a44
SHA256

8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
SHA512

9c7dbf7d6a2bd8c5d75bf2d0c015e0ce552f06dcf1836047af7b04e54d76b718a5dcbfdecae8d28ef9db55953fcc74ff8e09408e38b08e06c068cf07bdd2e5b5
SSDEEP

49152:as9NRR5MmyC8ZCY/ETnKj9nHp8UyKOreY3drQIf6wUHNBT:aQNRGEVE9HWXdrawKN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25

Files

8fc9df6aa2a9eb204d59dd0e41e811dba6e26841358e2e594e68d0515b709d25
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Exports

Exports

Start

Sections

Size: 591KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oxgtmcfn
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

atwylarh
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE