General
-
Target
TGo15s.exe
-
Size
1.6MB
-
MD5
9e2180ab919d577144e40f562b422047
-
SHA1
8723d86a03c17c1dbd4f9ce81d339da355ae2e84
-
SHA256
d3885dd1557e9861ae5fa0ad2274a780f6d94cc2269826bc0d71338ec8144dd9
-
SHA512
c245c71490351c6d958d63d8d3eafa15826b3518921f1edb797e8ec79e436a9badae800ee70a219cf8a63e40882c7dafe9009a217b42135415416121990e7c18
-
SSDEEP
24576:K9ul3FeEqwKw++uj9u93MmomaG+ICriRSMuzjOGmCu0R+syAHs5WN88VdzfTEU8Z:KIY/j1moG+J4Qa9TY+oqSdzfTEUVI
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource TGo15s.exe
Files
-
TGo15s.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 2.8MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE