da85b3aa934492d544c2f8989c9751543fa89a560ce7a201c6408a58c7b3be0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da85b3aa934492d544c2f8989c9751543fa89a560ce7a201c6408a58c7b3be0b
Size

2.3MB
MD5

ad48d1b512f4d705f69cf0b5d4ad0d9d
SHA1

63d36de823c41076380b50bc2a91b625e49507c1
SHA256

da85b3aa934492d544c2f8989c9751543fa89a560ce7a201c6408a58c7b3be0b
SHA512

8555b39c7b2f4e3be66928ee396a1582570077752ddcb29e7b0529531fc0d53091c8200b3c9aafc20ba787790e770f7f18ae486632412b2bdc2a2890de3a11f3
SSDEEP

49152:tfNYyhPNfMGphcnhnikpyV3dFREDem8GXZfEuslBKoDtMPrQ9c:ZXWDUklXZshDir

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da85b3aa934492d544c2f8989c9751543fa89a560ce7a201c6408a58c7b3be0b

Files

da85b3aa934492d544c2f8989c9751543fa89a560ce7a201c6408a58c7b3be0b
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uapzcbmb
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gafbguke
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE