ecf6efd95051aadd0f7ff17c8f6b0b9644ae212c9b5e712f4892452e19689c82 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ecf6efd95051aadd0f7ff17c8f6b0b9644ae212c9b5e712f4892452e19689c82
Size

4.2MB
MD5

8dea1ca0c661db479a040d65b02496df
SHA1

3e4be437c93eab4b01fe20c5655fb0b5072ce1fd
SHA256

ecf6efd95051aadd0f7ff17c8f6b0b9644ae212c9b5e712f4892452e19689c82
SHA512

1d1a1e42f9d2a7044c7c2d18023bb8bbaa00a8c78468933586dd83322f17717f618fb9f25a91ba277ffde817d384bffca2016968e05add978264a3266055d2aa
SSDEEP

98304:Ku4/oj4gOu+mIR2stuNzfGeJBp1kjOt57+ofC/4ZMMS85:KNox+c7Nr/j7t5yofC/t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecf6efd95051aadd0f7ff17c8f6b0b9644ae212c9b5e712f4892452e19689c82

Files

ecf6efd95051aadd0f7ff17c8f6b0b9644ae212c9b5e712f4892452e19689c82
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ