8389aef52f771642eff79071834d52ecdb43b2057936870e481a035af3b67bbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8389aef52f771642eff79071834d52ecdb43b2057936870e481a035af3b67bbd
Size

81KB
MD5

6988e4acb779637589962504cfa5ccee
SHA1

593f2f5a462e8edf066e6b80083852e3a0a68f9a
SHA256

8389aef52f771642eff79071834d52ecdb43b2057936870e481a035af3b67bbd
SHA512

2c9e8119a1210183cd84d1151e2bc71371f6a04e36bfc1baf5447a8d1c7eeb8cefb8ddd427cd12cd38dc245b371397432dff5b79b92d47dcdbbc3a6eddfebe87
SSDEEP

1536:Fzy6AqJtRP6WD2/i+aZnemO+C2Vb/SGPK7uO1OxsC5fe:A6Aq9lBZewLVb/W74E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8389aef52f771642eff79071834d52ecdb43b2057936870e481a035af3b67bbd

Files

8389aef52f771642eff79071834d52ecdb43b2057936870e481a035af3b67bbd
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

EpZtbCommonTool.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ