ef43b61027e5a4e340135de3a22797c333ed7d7f3d903b78975ead569fea1879 | Triage

Sharing

General

Target

ef43b61027e5a4e340135de3a22797c333ed7d7f3d903b78975ead569fea1879
Size

2.2MB
MD5

7bb8cb30220fb9f995b100eb32965799
SHA1

dd8b37f680ea762ae7e5d775c88feed065991112
SHA256

ef43b61027e5a4e340135de3a22797c333ed7d7f3d903b78975ead569fea1879
SHA512

cf423d29acdbee8e92b27f5d95c42053f5ed6528a5a3c8cc7bf3961e8d97571129c14b27587774bd910ae1aa34fdbad815a705bfaeea8b57124f2bbd7c5edc90
SSDEEP

49152:CeF1xn14/7p1+XV2ibKLJi3vIVOxlXIknS+GbU:v1xn1wp1+XV2oKIfpu+GbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef43b61027e5a4e340135de3a22797c333ed7d7f3d903b78975ead569fea1879

Files

ef43b61027e5a4e340135de3a22797c333ed7d7f3d903b78975ead569fea1879
.exe windows:6 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Exports

Exports

Start

Sections

Size: 591KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zkmnfuls
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ncpvazlf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE