41a8a315c51e5ff4643ae34469dffcfdf86104a5a4c121176231d820f4618620 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

41a8a315c51e5ff4643ae34469dffcfdf86104a5a4c121176231d820f4618620
Size

641KB
MD5

25461d3f0b93d16297e332a22b716d7c
SHA1

7190dc58c80abf3d782f9b82201195c7d9a9798b
SHA256

41a8a315c51e5ff4643ae34469dffcfdf86104a5a4c121176231d820f4618620
SHA512

ef7867d5c52aa1a588d7c0874d8b089a9ab4c990a6beb2791849493c9c903589eddb6567b36c283477b82cf6fbf8a392d33da664d128c323bc3f644967eef306
SSDEEP

12288:gKYH4Qif1lgU8REWyWuR7atHxH1xinWNRF5TUqt5Pgk1zRGw9oYX6z:BYH4QESGWyWuRutHonWTnTUqnPgQlG2a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41a8a315c51e5ff4643ae34469dffcfdf86104a5a4c121176231d820f4618620

Files

41a8a315c51e5ff4643ae34469dffcfdf86104a5a4c121176231d820f4618620
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fbotwvte
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ryxklpsa
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE