458ed9af9d07db17b8eeb117489132973ad7d0b3d9712092b0720ddcb3080486 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

458ed9af9d07db17b8eeb117489132973ad7d0b3d9712092b0720ddcb3080486
Size

4.6MB
MD5

a8e4bae7fab3375bc883193138f560cf
SHA1

30f08adedac4681f6570ace9d1953761f8a9eaaa
SHA256

458ed9af9d07db17b8eeb117489132973ad7d0b3d9712092b0720ddcb3080486
SHA512

58bbe0742cc19d3a5b9aa58b9718c1c27177dfb38b7e5a1614ce47abb4b15697bccb60b501b2ed38150356e5a4fcba7daaa5cd36aa17161b530b7d62d99dabe1
SSDEEP

98304:bc7a4w/5Hk/MH46K0V/Gq/dO6+YbIYpR7w1glwdFqI5sH:ALwCUiiz+U7peGlEFP6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
458ed9af9d07db17b8eeb117489132973ad7d0b3d9712092b0720ddcb3080486

Files

458ed9af9d07db17b8eeb117489132973ad7d0b3d9712092b0720ddcb3080486
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
CoreGetShell
DawnUiGetShell

Sections

Size: 1.3MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 105KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 35KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 262KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 869KB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��L|�u�
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE