d67de542a7c8c3535b0a79589d4ba10880bd97e4c126038c13a2efaa5d854a64[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d67de542a7c8c3535b0a79589d4ba10880bd97e4c126038c13a2efaa5d854a64.exe
Size

3.0MB
MD5

9ec45fd755974a8b50342ee6dd8205e7
SHA1

76f0aeb1891a895cee93aad524d37cc444344dbc
SHA256

d67de542a7c8c3535b0a79589d4ba10880bd97e4c126038c13a2efaa5d854a64
SHA512

2a27f0ca6bd953145a3daa0d03046c9a7ef96d22ed33bc6f21cfd1917848e1a783f780f642d8e86836c5bcf4abe7b1314604025fb50ff11929d1353fdd6f1a95
SSDEEP

49152:MPOqWKcR4SmJruozxkweqUaJpCCEBuTcWk+ot:+OdKX9zxkweqLlEBddt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d67de542a7c8c3535b0a79589d4ba10880bd97e4c126038c13a2efaa5d854a64.exe

Files

d67de542a7c8c3535b0a79589d4ba10880bd97e4c126038c13a2efaa5d854a64.exe
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_BYTES_REVERSED_HI

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 376KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ