2a70433b3ea0a4f52e96b1ed1f93575ac6311ad93435d98c5118b24dce3ed40c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2a70433b3ea0a4f52e96b1ed1f93575ac6311ad93435d98c5118b24dce3ed40c
Size

1.8MB
MD5

a62b1fe10441f91ffbad946600682564
SHA1

3942f45485c32f1954c82d488427d38ec7564fb7
SHA256

2a70433b3ea0a4f52e96b1ed1f93575ac6311ad93435d98c5118b24dce3ed40c
SHA512

2b7a2d8eb39e2a13ea9c8a363420546819205c8bd61590bc107dcb10f0c5f669a80de30c7723a41ef0d44209ed3fc0ce8ea75b1a8a739fa8738d91f4821c8ce9
SSDEEP

49152:p6zCtTzQ280/J9HYTB6fFNoP4odUhm18PRRS7FZNChg:UCtI280f5APhdUhm1mwX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a70433b3ea0a4f52e96b1ed1f93575ac6311ad93435d98c5118b24dce3ed40c

Files

2a70433b3ea0a4f52e96b1ed1f93575ac6311ad93435d98c5118b24dce3ed40c
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yfjxidgr
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

junwbrzg
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE