0a22b7705dde6da9d7f0f487e2b740153058af437def6f66a4c4f0df1fd41fe2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a22b7705dde6da9d7f0f487e2b740153058af437def6f66a4c4f0df1fd41fe2
Size

4.6MB
MD5

c693845972db9bf32fa083bf75e2fe5f
SHA1

bf8b67bcf774e2e6f0e481fb5ee815e7944fa454
SHA256

0a22b7705dde6da9d7f0f487e2b740153058af437def6f66a4c4f0df1fd41fe2
SHA512

3c508aa831c6e91f56dea15d18fb0080e28ca6f956d05d2c5741d427b229c19531648fa57aaceb16ad16cc39e2592e30aaf4b569ef3e1596cd2d3a7a93599013
SSDEEP

49152:QKOyCPO0eYcM1KOyCPOEqC06veDkYOMwwnMb4PmyVKVOyCPOiLnHFLHkJES:QZPO0e5wZPOE10YYOXwnS4rVKwPOKDu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a22b7705dde6da9d7f0f487e2b740153058af437def6f66a4c4f0df1fd41fe2

Files

0a22b7705dde6da9d7f0f487e2b740153058af437def6f66a4c4f0df1fd41fe2
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

PresentationFontCache.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ