6379a08616253ed59ac64c592fb8d4b350d27f51da903472136753552f53a023 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6379a08616253ed59ac64c592fb8d4b350d27f51da903472136753552f53a023
Size

1.8MB
MD5

86a321a84df8f5da70c9a1cf9a1cde9a
SHA1

942813349857f83613bf8b10c92e028d9e59cfe0
SHA256

6379a08616253ed59ac64c592fb8d4b350d27f51da903472136753552f53a023
SHA512

c7c516c5ec7ed588123cec84f5e7e58b7ee97e1314dbbbe75bd14f86093b205a41847c0c970b15aca0e9b23d2d1d1909fe7d6686538b328d5c315a6a24d02735
SSDEEP

24576:d/PJESbILw5+fpmH/+JkX8WylQDhUsyDi4HJKkNgSaX2VcO5DFsmO+EwumG9xcub:lPJf+fIf+kMWLhULH/AX/OlhO1CSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6379a08616253ed59ac64c592fb8d4b350d27f51da903472136753552f53a023

Files

6379a08616253ed59ac64c592fb8d4b350d27f51da903472136753552f53a023
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

obgxdtce
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

idtxwpcx
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE