cb9ac63c638e214acf0b5ed7d64261444d283dbc6ccefbfce605171252433ae8 | Triage

Sharing

General

Target

cb9ac63c638e214acf0b5ed7d64261444d283dbc6ccefbfce605171252433ae8
Size

1.8MB
MD5

fee1bc6a2fa497769d05ce51ad4df13d
SHA1

1d588fb3b42d159819a22814a4a4ffec796e0e41
SHA256

cb9ac63c638e214acf0b5ed7d64261444d283dbc6ccefbfce605171252433ae8
SHA512

8b21f9a799db9fd54700cf1315d36438c76f02e750f154f1291a65c37156d3ad8768b4e6795b4f5efe729fe3a1e9ca0bd20214698d513b568d0c87c5b1b39255
SSDEEP

49152:ddjyrQ4lD7Div/PlTAginD2I3oZT7U/3DbyqLK:qT7QHlmD2N4Dm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
cb9ac63c638e214acf0b5ed7d64261444d283dbc6ccefbfce605171252433ae8

Files

cb9ac63c638e214acf0b5ed7d64261444d283dbc6ccefbfce605171252433ae8
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 181KB - Virtual size: 404KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ggureojw
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

beicwrca
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE