5e161ec2732cd26defe165c5355d0f57cedf9cc6196d3da0819538c2b4f45e8b | Triage

Sharing

General

Target

5e161ec2732cd26defe165c5355d0f57cedf9cc6196d3da0819538c2b4f45e8b
Size

1.8MB
MD5

1892b85fe6a256f9bad696ed28ed022a
SHA1

25fd448029c8941efafd02d7733bfad28728adde
SHA256

5e161ec2732cd26defe165c5355d0f57cedf9cc6196d3da0819538c2b4f45e8b
SHA512

a206c8d902fdd17b00d63e6723c1b314cfffbf70655ba12be4397bc85037038df4d7c33411c008bbcb4300572a3e6fb46fcf5c957fceb328dc6b4809b051f5e0
SSDEEP

24576:rkHcb5e7QEtoOLGLp9wbSnf+/6TkrPw8A7nmA02+nhK6Vua2d1vpfl4EFH:rky+toyGL34SnzTfnqAPRa2d1hfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e161ec2732cd26defe165c5355d0f57cedf9cc6196d3da0819538c2b4f45e8b

Files

5e161ec2732cd26defe165c5355d0f57cedf9cc6196d3da0819538c2b4f45e8b
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gzhrxlib
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ebpajcae
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE