RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO[.]7z | Triage

Sharing

Copy URL Twitter E-mail

General

Target

RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO.7z
Size

15.3MB
MD5

801af959893be64a2eb4c86bddb72f4f
SHA1

b7a2970ab134e5634327b4cdae9805076cc7841e
SHA256

aea0696f1b64a30ec8e55bd4eeb781cb15a7e10c9460576ad6228b13a7c74ebc
SHA512

0690a7a055a8757c2519860d481be630d3de1be1a4e0171a5102d681143f802330e99dd43614fb50370f36effd9450cceb38015716120a5137059fa9bc130c51
SSDEEP

393216:zr5mU4JnU61fsqxALiZalxP/vvyBRjN4SFqRa:zr5KhNFSLislB3vWD2a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO/DG_MSActivator.exe

Files

RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO.7z
.7z
RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO/DG_MSActivator.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

DG_MSActivator.pdb

Sections

.text
Size: 15.5MB - Virtual size: 15.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO/terw.txt