64b8aff2336d546817bd7bf6d763891f03d53eed90e84d004db0a03a050788a6 | Triage

Sharing

General

Target

64b8aff2336d546817bd7bf6d763891f03d53eed90e84d004db0a03a050788a6
Size

1.8MB
MD5

d2a409e155ab998c4d40764dc9c63ca5
SHA1

145c580015bf2b97c7f53f2b02a481e88ada42f9
SHA256

64b8aff2336d546817bd7bf6d763891f03d53eed90e84d004db0a03a050788a6
SHA512

c78f3d96b470eedbffb2e74fc54fbb931e5711e4d9a32e7558ad220141a925ea1b454accb9e2d193782a8c4f75d8c5c358a05804505dde197b188d7186ace898
SSDEEP

49152:5ao9Z/ramJh0fh7WbfMym6EFB0ce/qFPDE+dsSHAwNZrBJyz:AgZ/rnJh0ZCTMymne8b3rd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64b8aff2336d546817bd7bf6d763891f03d53eed90e84d004db0a03a050788a6

Files

64b8aff2336d546817bd7bf6d763891f03d53eed90e84d004db0a03a050788a6
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ecxzhbtd
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zzjpiafa
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE