5d490d86454ef22b48d93c2f198e303ec3d8b213df2ab846695ea4d37f1b653e | Triage

Sharing

General

Target

5d490d86454ef22b48d93c2f198e303ec3d8b213df2ab846695ea4d37f1b653e
Size

1.8MB
MD5

6f62a5f56d3a2ff73c76f0badfdb7058
SHA1

8765716f430b48d7c112d2f6acfd5ea5026a0a4d
SHA256

5d490d86454ef22b48d93c2f198e303ec3d8b213df2ab846695ea4d37f1b653e
SHA512

4aec72edf304a85913e822f2887b2c7dd1cd62b1b1bd8d5b6a214dd00731b405910abfa85ba42b1dd9a67d1d4e840319d9aec96d5d646932891d403040e64aac
SSDEEP

49152:2YT2c5GIOjz0WGwe9nJ+OZYnKyaJ3rguR:ZTnxS5eXTen4J38S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
5d490d86454ef22b48d93c2f198e303ec3d8b213df2ab846695ea4d37f1b653e

Files

5d490d86454ef22b48d93c2f198e303ec3d8b213df2ab846695ea4d37f1b653e
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zmrmwfah
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

caaxwdyc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE