d75s20km5gdywbel[.]exe | Triage

Sharing

General

Target

d75s20km5gdywbel.exe
Size

471KB
MD5

8aa54819622337a4dc0dcb845b71d1de
SHA1

273c8edf04f026c4f6f72a1132c27593bd0de955
SHA256

d2d7ace8fb5d6411cd02d9bb58952a77d18473ca0986e77733c78a2c38212cfa
SHA512

49d207da1ea7b4703d652606a5f186225b0c748eccf462c5dad3c7320474eea4e1ceb5e2b8f811d4811bb12873fd57489032e512ed73d23c6a128847ecbcb018
SSDEEP

12288:6hZ4WEmUD8vw+UZiPnJZMSiNUM+qVnqNLEqk:AKihPJOSQrVKYqk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d75s20km5gdywbel.exe

Files

d75s20km5gdywbel.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 469KB - Virtual size: 468KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ