91e03cc00efe70f0a0cbd688ca257754744053a5870ea5f9f3984efef4efeed8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

91e03cc00efe70f0a0cbd688ca257754744053a5870ea5f9f3984efef4efeed8
Size

10.8MB
MD5

128ebfc75c6be5df44520c17748ebd71
SHA1

1a595ad2369256205245c37db0de9c86b87baa64
SHA256

91e03cc00efe70f0a0cbd688ca257754744053a5870ea5f9f3984efef4efeed8
SHA512

2003332c0e9e7345f16f37dab67866beef195f53583e61fc22ec9a5893ff3ba44258ee9ffbce0afd2585500534f875371be3465c00487903f209c45090f55505
SSDEEP

196608:uZBxIMVrwBLbto8VAK2qdAK0jx5c1kHDhN7YiAdI234PIXYBzg89D7k2:0BSMuZL2qdNW5cKjLYiAdI4wpzB9P9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91e03cc00efe70f0a0cbd688ca257754744053a5870ea5f9f3984efef4efeed8

Files

91e03cc00efe70f0a0cbd688ca257754744053a5870ea5f9f3984efef4efeed8
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

F:\Sources\YouKaMi\TClient\TLauncher\obj\x64\Release\TLauncher.pdb

Sections

.text
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ