fd11c603c4ff25edc7f9a10d8f6e7ddb98b0e8b68fe3d999565b8e3cf66f7c78 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fd11c603c4ff25edc7f9a10d8f6e7ddb98b0e8b68fe3d999565b8e3cf66f7c78
Size

2.3MB
MD5

23c4d7dd503ed36a02522699b978a626
SHA1

4d79193dd07e9e914dbc0dd59d322692fcd4477b
SHA256

fd11c603c4ff25edc7f9a10d8f6e7ddb98b0e8b68fe3d999565b8e3cf66f7c78
SHA512

a3957d4a533bf3eb556739087d518dc043175cbc0dabdef48c164cd6eaf4238ddd42deb7a479623aaa53b93d768deffb5650a0f2a38deded783d92c0e451b353
SSDEEP

49152:hTs9zpYo556eURBCsXvYRZv7skxd0kVatGxnrZfWuwGUaJ:h49SoqrRBCsMZvYEdtVaUxrZfga

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd11c603c4ff25edc7f9a10d8f6e7ddb98b0e8b68fe3d999565b8e3cf66f7c78

Files

fd11c603c4ff25edc7f9a10d8f6e7ddb98b0e8b68fe3d999565b8e3cf66f7c78
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fcdiidtf
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pokluade
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE