861cb0192a2dd5a1f92d6cf395e19f2338591dcf07bcf7e663efeb89c819a8af | Triage

Sharing

General

Target

861cb0192a2dd5a1f92d6cf395e19f2338591dcf07bcf7e663efeb89c819a8af
Size

1.8MB
MD5

ce53cd46d31736cc584691a08e9412e0
SHA1

34d2173d027ef84168e368273823f9b0e34099e3
SHA256

861cb0192a2dd5a1f92d6cf395e19f2338591dcf07bcf7e663efeb89c819a8af
SHA512

d7369dfb6dad26dbd406c12ffa92d26e3caa7d682c4df664e30945aa3b34c945f4411fc3de140423bdeae02c033cbf6a0733268532d07dffbef68630c074bb7b
SSDEEP

49152:dD4tqaBh1KFuYPWBiMiaifFhtr8uGrvp9f:5SqSiuYPNMiaqbtgu2v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
861cb0192a2dd5a1f92d6cf395e19f2338591dcf07bcf7e663efeb89c819a8af

Files

861cb0192a2dd5a1f92d6cf395e19f2338591dcf07bcf7e663efeb89c819a8af
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rqnldeal
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sraphxcw
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE