129121540_2359416601_1804023753[.]exe | Triage

Resubmissions

09-06-2024 14:42

240609-r26w1abf3v 3

09-06-2024 14:29

240609-rtzsqabe4x 8

Sharing

General

Target

129121540_2359416601_1804023753.exe
Size

1.1MB
MD5

aa68830dd0f0ef5274c7ab785fb95a37
SHA1

c09d2af1d51532e2c5d834a62078f8d383c82e91
SHA256

aee79791e6186b79bf0164dc334978af9d10a5c70af345ae5690949acd162a74
SHA512

bf57bdafaaa12bf9517c976a7c7e8e9dfb185e94e35a9d0a359552d27c8adb82a2b3e3ed03ebfbb7f5c48f174495fa9ba3387c18be99f8d4b2b982665e874aa5
SSDEEP

24576:RQYU7Lj4NQn77tPp4QhK2tbuLnflgNCa4MIM8mB3Bn2qfG/dpJGK:R/Qv4Ns77MiK2holgpr7n2IapQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
129121540_2359416601_1804023753.exe

Files

129121540_2359416601_1804023753.exe
.exe .ps1 windows:6 windows x64 arch:x64 polyglot

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

TJISVDNh
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

GFtFWsvd
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

L[EIF^MK
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE