55563c7d134be08e0eb9665cd34993fc90cbe3ed3a464a3d73c4072fed3fce94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55563c7d134be08e0eb9665cd34993fc90cbe3ed3a464a3d73c4072fed3fce94
Size

1.8MB
MD5

339020815b65530333bf2ddc928ac867
SHA1

018f9c40eefb58f90341f4ec7e58114972cb571f
SHA256

55563c7d134be08e0eb9665cd34993fc90cbe3ed3a464a3d73c4072fed3fce94
SHA512

7f176a32acdda71fc2de67eca2f27c173660f364ad4838c92369d02fb6fa60ebe57ae7a7a6273151f5bac288c6551d3a58b08acaac9837d4bf265a2ec62d8598
SSDEEP

49152:L2qVJL/mlsMQfk3gCcKpB057h3jI1Egbd:L2qVJrmTX3o3qEyd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55563c7d134be08e0eb9665cd34993fc90cbe3ed3a464a3d73c4072fed3fce94

Files

55563c7d134be08e0eb9665cd34993fc90cbe3ed3a464a3d73c4072fed3fce94
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fbupybke
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ejxqaids
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE