a94da04a23686992a41d1e165501e66535d44db09fca1889f068903942f93b03 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a94da04a23686992a41d1e165501e66535d44db09fca1889f068903942f93b03
Size

2.4MB
MD5

76eea6c7057d566b8ed5dd5b01af61d8
SHA1

3b1aa0983dc03418bb7dd9c716a283a4288b9c97
SHA256

a94da04a23686992a41d1e165501e66535d44db09fca1889f068903942f93b03
SHA512

c7eac1dc1fde5a713190e3b1a7749bbe9e244086db035b60667f6fbba45dbd8be51343cba6b0a6209f7a7e7ec00e190d5fd148bb45c6feea1f75bd2efaba70f0
SSDEEP

49152:/2IyEKAjaO1F860TY41U8mXnkHwUQy2K6eGg0iCa+g2wZKmLUqHUrm2x:OIyGv1adT0PUHx52Kig2wZKm4q0r7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a94da04a23686992a41d1e165501e66535d44db09fca1889f068903942f93b03

Files

a94da04a23686992a41d1e165501e66535d44db09fca1889f068903942f93b03
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lzbnanie
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xevbrvld
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE