4ad1f256ddc8a71ced260f2d2a7089b239ad3e3aee4e6a411f3be6300af35df0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4ad1f256ddc8a71ced260f2d2a7089b239ad3e3aee4e6a411f3be6300af35df0
Size

50KB
MD5

48fef5b7a6b16e345603cc132a917a51
SHA1

96b78be1adcc71579b68c6186320ec1e914bdf00
SHA256

4ad1f256ddc8a71ced260f2d2a7089b239ad3e3aee4e6a411f3be6300af35df0
SHA512

d955e9461b9feebfd96486381704602e7f525e72f7ce5450bb6d04e96b3daf90459d5bf49390468d63d761c4e420c631655e2ea91f38f30a54337ea834710c71
SSDEEP

1536:UiC0Eb/dljZq/IoFRe8t+zx6nrAFlvCHI:UOEb/bNq/IwRFgSAFlF

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4ad1f256ddc8a71ced260f2d2a7089b239ad3e3aee4e6a411f3be6300af35df0

Files

4ad1f256ddc8a71ced260f2d2a7089b239ad3e3aee4e6a411f3be6300af35df0
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

CEP0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CEP1
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE