71299a5aee040c6311dac3ccf1216054b5b280fa3870fd0fdf6d89ce64ce1935 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71299a5aee040c6311dac3ccf1216054b5b280fa3870fd0fdf6d89ce64ce1935
Size

1.8MB
MD5

94ecf4281f264aa9ac0382bc2dcd5eb7
SHA1

9a3dc5ab23acf6c4bf05489fb48f34e9f8008908
SHA256

71299a5aee040c6311dac3ccf1216054b5b280fa3870fd0fdf6d89ce64ce1935
SHA512

6f2604a2a72840ad4a0789a3b003ff7fbe810eb619290216284c577ebb8b68cad0b2049b3b6b2e1addd797998787deb834a3520e738a6b3ed941c1db71d9ea3f
SSDEEP

49152:ab9K2V71uCksroOW3/czZjcUwcmJlXAAvvsl6G:y9xVZuCLjW3/aZ/wcmJlQ8vs9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71299a5aee040c6311dac3ccf1216054b5b280fa3870fd0fdf6d89ce64ce1935

Files

71299a5aee040c6311dac3ccf1216054b5b280fa3870fd0fdf6d89ce64ce1935
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gugetufe
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

teufxxzv
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE