2db2be43e5d06c80526732ed0d045a9341e6f0b10e70bc49efe56522c492114d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2db2be43e5d06c80526732ed0d045a9341e6f0b10e70bc49efe56522c492114d
Size

148KB
MD5

88bb4ccad44085dfa9e7b4d388a7f005
SHA1

90e2589ed959a0e4865ef93e54f03365646e6efb
SHA256

2db2be43e5d06c80526732ed0d045a9341e6f0b10e70bc49efe56522c492114d
SHA512

6e75f4fa4816c4cf5b605da0944bc7ec90c5181009cd06930be4832f09739681ffbda9840e733bbf07fa72eacaa5a26c2313cbd2fbc18d9145e4990a267d2ef4
SSDEEP

3072:FTd2rxOurzebwFEsRZ1XGDWcnbAGYseXhap7WXnk0adddu6+qd8KiRNwRmEEx771:Fp2pKbwF5hGDWcnUmFsKdddu6+qd8Kij

Score

10^/10

Malware Config

Signatures

Detects executables packed with ConfuserEx Mod 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_ConfuserEx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db2be43e5d06c80526732ed0d045a9341e6f0b10e70bc49efe56522c492114d

Files

2db2be43e5d06c80526732ed0d045a9341e6f0b10e70bc49efe56522c492114d
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ