YLc7afPlL4RjCeK[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

YLc7afPlL4RjCeK.exe
Size

629KB
MD5

beef9e679243099def0f3ffa8f6c8b32
SHA1

659ed6b4f23ceb449c488ef70ca8ec20be30b8e6
SHA256

f586cac749397395d1af37ceda3d914202a2ff0f4d576e8d10888c37c97ef5ad
SHA512

92b9571983bc1e98cfaff63c8b8d2618db945a21ee47f9f8f67980cd5024bda17f5786b23ddb0ee3e5107598c465e93977ff6a9e7de9f42b3717f3f8feecb89f
SSDEEP

12288:vbBPJwKcIvLG0i25F99HpezT1Ll48qlGICFxTGjRBE:TBhcs9f5pJCdl48qgICFxC9BE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
YLc7afPlL4RjCeK.exe

Files

YLc7afPlL4RjCeK.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

riqE.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 623KB - Virtual size: 622KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ