2efb89eb029548e433797a45c813fbaf79d01bf7aeb51201003001e3fe5315e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2efb89eb029548e433797a45c813fbaf79d01bf7aeb51201003001e3fe5315e3
Size

1.8MB
MD5

61454ee4fd0014ba63ae35fd788d974d
SHA1

0e01e5f1250e2cf2faf0dadbbda5487148459123
SHA256

2efb89eb029548e433797a45c813fbaf79d01bf7aeb51201003001e3fe5315e3
SHA512

c60d474660f75c3010b7976242c6caa584bb37b43b9976fc5d7e50fc9cc3173ee5a1de7afdcea2da293e7aa711f63329076b7474c5c131894710a04f5208388d
SSDEEP

49152:YwcCY1GzGpYKNcZmFhKg9ei6KizD8rqFwp3:YwcGqRYJcrgwp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2efb89eb029548e433797a45c813fbaf79d01bf7aeb51201003001e3fe5315e3

Files

2efb89eb029548e433797a45c813fbaf79d01bf7aeb51201003001e3fe5315e3
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vhfuekva
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zogiwmzc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE