d00c125b40e122c57de7092d05ad5b9935db2f3dc5f20eedb519dff1b0e0b4bb | Triage

Sharing

General

Target

d00c125b40e122c57de7092d05ad5b9935db2f3dc5f20eedb519dff1b0e0b4bb
Size

2.3MB
MD5

38edbe20184663ad8ac2d7f3a7125848
SHA1

c5c26461f4ae0366c22a6241ef71a93a7866df14
SHA256

d00c125b40e122c57de7092d05ad5b9935db2f3dc5f20eedb519dff1b0e0b4bb
SHA512

c1d7d617aeb2efdcbc471c85f7d8a058ae1df9579ea50b0a41426412d5fb1de74a861ac29edec2b11df87d3b60c13932b9f4a3954310490c50ecd433476fd524
SSDEEP

49152:rvqFIgcc9V7CJV54VhaHgzc7Z4a5S8kgaPz4QKHbytsXMYOMf2:rvO9VGJL4VQH17Z1nB6MHWiMYBf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d00c125b40e122c57de7092d05ad5b9935db2f3dc5f20eedb519dff1b0e0b4bb

Files

d00c125b40e122c57de7092d05ad5b9935db2f3dc5f20eedb519dff1b0e0b4bb
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 685KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gxydfwid
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fksyipaa
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE