RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO[.]7z | Triage

Sharing

General

Target

RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO.7z
Size

15.3MB
MD5

6365fd77ca2a5ee78d9ddd06b7bb2a43
SHA1

1fb9f5bdcbaeebbe6c7f2d7c262b76be92c32a55
SHA256

817db8a0d1f5625f0d7bb9ef0694341fa55112e6b1caa50d2dc858c7c4af231d
SHA512

17345b831e6c1d68035158669c3de979896e67a43f7ff07a44ed2b35c2a3d3f30506d4900fce73c447917bad195cda51a30a5ee12cd99349b786e8d1a9f6aac9
SSDEEP

393216:xr5mU4JnU61fsqxALiZalxP/vvyBRjN4SFqRo:xr5KhNFSLislB3vWD2o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DG_MSActivator.exe

Files

RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO.7z
.7z
DG_MSActivator.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

DG_MSActivator.pdb

Sections

.text
Size: 15.5MB - Virtual size: 15.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RUMFUPKRBYH5OTM8IRNQJE6BGD7BFAHYRJ4T3W4TP9PZSI4WWXHO