4b94674bd1e5c965f0facc43d9ca1dee3f8233bf887f402a57f5f78c02ce9974 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4b94674bd1e5c965f0facc43d9ca1dee3f8233bf887f402a57f5f78c02ce9974
Size

2.3MB
MD5

0e06d092bfa10e8f628002a2805e3103
SHA1

8929cbb5bc06936e8825f257b2b2266e1994c332
SHA256

4b94674bd1e5c965f0facc43d9ca1dee3f8233bf887f402a57f5f78c02ce9974
SHA512

164077b11b39349d684a0a680a98ad9632b9c004cf24645423cfe52bac01bbe3944002df94d61bb0350e21902ed7c64fff81f46f039e83a41bd9a1038fe83477
SSDEEP

49152:lJJdU6FBcxVQWyoEOMByzXz4u3+Hol8TzBGafNYsCR31zjmTfMuj8Ig:fJdU6FzqMBOIoCGoNYVeTf6Ig

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/roGcovlmdcl.exe

Files

4b94674bd1e5c965f0facc43d9ca1dee3f8233bf887f402a57f5f78c02ce9974
.zip
roGcovlmdcl.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ