ffbed2f613bf97e4022b197d1ffe3f609ed9fdfbc97a1dc70a030069a6935fc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffbed2f613bf97e4022b197d1ffe3f609ed9fdfbc97a1dc70a030069a6935fc3
Size

745KB
MD5

49ff55d8f3aa2900a8f1a577d5d7818f
SHA1

0f99e7b8da7347db5312b0e4285cf99ebe33fe81
SHA256

ffbed2f613bf97e4022b197d1ffe3f609ed9fdfbc97a1dc70a030069a6935fc3
SHA512

54b5a7bae46dcf8df2318159d6a5d16818db9e2ac6c0dd0efc01f9df4120c70e94a8facf0d129c8a5f662db6140b1003e607909f65a5626e27e9c2baaa76f892
SSDEEP

12288:RB1oVeonJaolBc8tqw2ey+zLYKvuXsRnxfeBT1J8E9RZnIihCKvjJGO1qWlKgeL2:Zo5EkLQ2y+z8KvqR1mE9RZnI5/iqusM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffbed2f613bf97e4022b197d1ffe3f609ed9fdfbc97a1dc70a030069a6935fc3

Files

ffbed2f613bf97e4022b197d1ffe3f609ed9fdfbc97a1dc70a030069a6935fc3
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

YCfJ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 743KB - Virtual size: 742KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ