850f63933ca91eceb498a3f50c77c9c5b29da13eaf39da50bceff772106f2f66 | Triage

Sharing

General

Target

850f63933ca91eceb498a3f50c77c9c5b29da13eaf39da50bceff772106f2f66
Size

2.3MB
MD5

6c028841ac02b8a9ceceb69d6189d24d
SHA1

c9372ab93f55b9698d6ccc10067b24058df92fea
SHA256

850f63933ca91eceb498a3f50c77c9c5b29da13eaf39da50bceff772106f2f66
SHA512

0ddc8e14adc0ea377e00db370c8793160d5d27a1c4441874486fabc49bef7bcb370f77ef61142b37d670edd0811060d45a569797d77a41425c6694aed07d61ad
SSDEEP

49152:ikmKhyq24kI3qebVanrBV3K6HVn0k/PhJpTDRLnBOYdftuInsk:ikmKEqlkAbknr3HV0KPh73TuIn1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
850f63933ca91eceb498a3f50c77c9c5b29da13eaf39da50bceff772106f2f66

Files

850f63933ca91eceb498a3f50c77c9c5b29da13eaf39da50bceff772106f2f66
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ntdlpxvv
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mwxyzwpo
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE