db5a5c19d8f2649ef3608755696b7f049692868f266a7f4409c99fdccf146191 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

db5a5c19d8f2649ef3608755696b7f049692868f266a7f4409c99fdccf146191
Size

5.2MB
MD5

9a3843f1b9c1325b822f6c33c6ba24cb
SHA1

68be6eee14ec81957a584f21533ae32d37bd33e6
SHA256

db5a5c19d8f2649ef3608755696b7f049692868f266a7f4409c99fdccf146191
SHA512

0098824c512bf508bc4b65287d197698f0935a297c5c7185122e3de7b68cd09cfffe47ac2845ec64e21f3b8bfdbdc889d415835a47675f46a772a78a58125d70
SSDEEP

98304:sZlWqqPfZvR7sndaMOY01d+xG3fInMWBaA15/9TcVsTDjAFvmo2:sZlPSfZvR7sdaNY01d+xG39WBaA1nTQO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db5a5c19d8f2649ef3608755696b7f049692868f266a7f4409c99fdccf146191

Files

db5a5c19d8f2649ef3608755696b7f049692868f266a7f4409c99fdccf146191
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 3.0MB - Virtual size: 39.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

peuwlyaa
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dmjzecmc
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE