2d55d6ab00c5c143ff0e9bd1d5487f11dc82d03cb22b7a018f9a9ebb95dab9dd

Sharing

Copy URL Twitter E-mail

General

Target

2d55d6ab00c5c143ff0e9bd1d5487f11dc82d03cb22b7a018f9a9ebb95dab9dd
Size

10.0MB
MD5

89a23e5fcc332666952004e3e514938f
SHA1

bfeecb1ac7341147bdc6d809b364c208a60590e8
SHA256

2d55d6ab00c5c143ff0e9bd1d5487f11dc82d03cb22b7a018f9a9ebb95dab9dd
SHA512

f50f5b0583031b4aa3daeeccff1e0aeb2bd264beb91abb468a275499044a8f4fbf1b6ba7154b00545df7dca959f9532704b119d5645b60f3f2f2e69958b14911
SSDEEP

196608:ar/e6Rwhrx9Y4caWCAuxag/dCsaVQ7REjOBlY52x5R0u8i9WniVZ+7q+:ar/eII3f/d/ko25U5R0y5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d55d6ab00c5c143ff0e9bd1d5487f11dc82d03cb22b7a018f9a9ebb95dab9dd

Files

2d55d6ab00c5c143ff0e9bd1d5487f11dc82d03cb22b7a018f9a9ebb95dab9dd
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Spiders\Faery\Code\Intermediate\Win32\Win32ReleaseD3D\appStandAlonePC\Faery.pdb

Exports

Exports

?ChangeApplicationState@PSampleApplication@@QAEXW4PESampleApplicationState@1@@Z
?InitApplicationAsync@PSampleApplication@@QAEXXZ
?InitApplicationPostAsync@PSampleApplication@@QAEXXZ
?configurePaths@PSampleApplication@@QAE?AW4PResult@PSSG@@XZ
?createAudioDevice@smaAudioDevice@Spider@@SAPAV12@XZ
?detectPCEnvironment@PSampleApplication@@QAEXXZ
?initGame@PSampleApplication@@QAEXXZ
?initStandAlone@PSampleApplication@@QAEXXZ
?initialize@PCoreD3DRenderInterface@PSSG@@UAEXPAX@Z

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 846KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 247KB - Virtual size: 628KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Tp1R
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

m
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jBWes
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

T3za
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

PDB Paths

Exports

Exports

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 846KB - Virtual size: 848KB

.data Size: 247KB - Virtual size: 628KB

.rsrc Size: 120KB - Virtual size: 120KB

Tp1R Size: - Virtual size: 64KB

m Size: - Virtual size: 4.0MB

jBWes Size: 6.3MB - Virtual size: 6.3MB

T3za Size: 1KB - Virtual size: 4KB

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 846KB - Virtual size: 848KB

.data
Size: 247KB - Virtual size: 628KB

.rsrc
Size: 120KB - Virtual size: 120KB

Tp1R
Size: - Virtual size: 64KB

m
Size: - Virtual size: 4.0MB

jBWes
Size: 6.3MB - Virtual size: 6.3MB

T3za
Size: 1KB - Virtual size: 4KB