244e9d35709d1b2b268e622755f2c954826c50bf647b834e603c2ef5d74cc445 | Triage

Sharing

General

Target

244e9d35709d1b2b268e622755f2c954826c50bf647b834e603c2ef5d74cc445
Size

1.8MB
MD5

66f47ac2840baefdd81971cd13203e8d
SHA1

6f3e137e99b0ac70d633118f979424d329701f4c
SHA256

244e9d35709d1b2b268e622755f2c954826c50bf647b834e603c2ef5d74cc445
SHA512

1f50da7ef3464e2934f1b51a254c87c672b451e207957d8a6c1ab2fa703f8ec925938c8c1364b0fa412fa0c2595a3b170de1b8f7ff88e1b91709254342e38f1f
SSDEEP

49152:GGmEkUQVO+Yz3SW/qh7AyCMGCIbcshcunEpN:tmEkU2A3jqUC+hznEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
244e9d35709d1b2b268e622755f2c954826c50bf647b834e603c2ef5d74cc445

Files

244e9d35709d1b2b268e622755f2c954826c50bf647b834e603c2ef5d74cc445
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 182KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

zqswpkhh
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dorzixfx
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE