e050a603894a4abf9550963f3dc4ae98cc94c05fa004397e31a2b8a741f0c090 | Triage

Sharing

General

Target

e050a603894a4abf9550963f3dc4ae98cc94c05fa004397e31a2b8a741f0c090
Size

1.9MB
MD5

d3a7d09173b5bc95c1ec9ae1681e6bdd
SHA1

00d9df9d4221e93dc3e4712867fe6b0778205bd5
SHA256

e050a603894a4abf9550963f3dc4ae98cc94c05fa004397e31a2b8a741f0c090
SHA512

6052c4df2142a729f5d7fffeb5714705784528ef6383332f4177edfd2589df8b093cc3de0edaeb6e6408055d491a31f8bc2bf94e3a92f5fefca7f5a47018b158
SSDEEP

49152:dBZobBYVI0aSeCE+bqkRIhniByK0C69A1rExOhXBS7qhC:dXwBYSfmmCIgBqC66eO27QC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e050a603894a4abf9550963f3dc4ae98cc94c05fa004397e31a2b8a741f0c090

Files

e050a603894a4abf9550963f3dc4ae98cc94c05fa004397e31a2b8a741f0c090
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 186KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sglddiyf
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

slazlwfn
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE