gK5vkTm6WAcfbiz[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

gK5vkTm6WAcfbiz.exe
Size

630KB
MD5

55abd8961bb1559aacdd14bc4abe2948
SHA1

cff001eea9b43d712fbcc4cf9fb9b136f8c4109d
SHA256

0117ba3b90a77a00da548bf15490d6623de69e535d75fbbce8279b91c82f5ef6
SHA512

e5a6e38bc943c2b6fe7c157f3e719303c7b216edf3d483dd7c2b7a4267dd3d0d6b500015ef96d3c041e2032e6aabec6787bebb6f4af3f2070d9cb9fa8d2b4c2b
SSDEEP

12288:KjB778QTJ4oNyNN1N84trNRngS5B2/JD3CJMJjEebEPs18VT1IMajPsWj6Mr:UBlJ4tNXN84NgSUtCW1EeAaihaDsWj6Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
gK5vkTm6WAcfbiz.exe

Files

gK5vkTm6WAcfbiz.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 625KB - Virtual size: 624KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ