210515-l5p13yafy2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

210515-l5p13yafy2
Size

607KB
MD5

b657c34848ff4c9c75320259e74fe9a7
SHA1

35a83c4f81591e0f7f3e2ce1d639b6701de866bb
SHA256

26f275aa842bd4c0eb4613e2cc7b1b98b9dc15d8f08b428bf8a1c92d33021080
SHA512

06fc6aa30075706ea747e6f4e3d0c5bc27d085d003757046d5610bf261c4eb85f2e2bfb3f8a47f75e9db5a03d42d386802df6f782727e1fedc1b54698d7bfe08
SSDEEP

6144:Xl57s6z9bA0Oczwn2cC0p2cC0Bkq9MoG155bkY0MOHAg:X/A6z9aeD/q9OxHKA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
210515-l5p13yafy2

Files

210515-l5p13yafy2
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

.text
Size: 23KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE