edeea9fe453f6dfc0ea3a4e9189cbfe7166aa820b98f93da6513176f8deb0c92 | Triage

Sharing

General

Target

edeea9fe453f6dfc0ea3a4e9189cbfe7166aa820b98f93da6513176f8deb0c92
Size

2.9MB
MD5

1a9b43ff9d418fec6ff36539e3fb5db8
SHA1

9bb2eeef5abbaa8f3df26c18fb05e7b8db0d2d6f
SHA256

edeea9fe453f6dfc0ea3a4e9189cbfe7166aa820b98f93da6513176f8deb0c92
SHA512

ca0c165af12f5dedaa103adf73ef9ea6479373caa367e3bd5794b8c95161e21118f4cb15644c484c1ecb0a21e606718e73d8d8ed1aea80fa126cd165e2429838
SSDEEP

49152:KHWc/UaKbXCW5RwYlwVSbeSgV7L7xZuIHrdVddLF5UsxF:KHWc/fKbX55RxlwVRXrVddL7T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edeea9fe453f6dfc0ea3a4e9189cbfe7166aa820b98f93da6513176f8deb0c92

Files

edeea9fe453f6dfc0ea3a4e9189cbfe7166aa820b98f93da6513176f8deb0c92
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 186KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hyldbaph
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ugjyawrw
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE