2ef04b4895cacb506e42489b5d1e80822850aa19da149fd86adc2a1e3b620c71 | Triage

Sharing

General

Target

2ef04b4895cacb506e42489b5d1e80822850aa19da149fd86adc2a1e3b620c71
Size

591KB
MD5

8e07dc94424d6587f0258f381141988b
SHA1

a8ca4c03c06b17fdf0ac912793dd6545afdfc358
SHA256

2ef04b4895cacb506e42489b5d1e80822850aa19da149fd86adc2a1e3b620c71
SHA512

cc048aaa3081e25f141de221a2b82763ca75b33b1c01bb1faefc642f92eab200d03d516e0f8fb1d93d024ac9cd2edf1338ab047edf6b2c33ba9b4ee49a4fccef
SSDEEP

12288:T0+W315UzFyg3TXgzrOrOP847EVTiyiIW7B:y15UzFh3MzrOrOP8NVTSZ7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2ef04b4895cacb506e42489b5d1e80822850aa19da149fd86adc2a1e3b620c71

Files

2ef04b4895cacb506e42489b5d1e80822850aa19da149fd86adc2a1e3b620c71
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ