9d85b953a652da4e88e5802af1306307731c2675975b25b4b0dfc548f1903125 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9d85b953a652da4e88e5802af1306307731c2675975b25b4b0dfc548f1903125
Size

2.2MB
MD5

0ec4e8425bb6fdde0badb4616c758446
SHA1

6f01ec609b018d618274d3c11e7037aaa5e80414
SHA256

9d85b953a652da4e88e5802af1306307731c2675975b25b4b0dfc548f1903125
SHA512

351e434dfaa1b34724f363061e14002dc6a741e9d6fc08c45c99f1195f91208e42cbfaff534043480316e9a70bfecc49537df76418c3c798c22d762f2c22f31b
SSDEEP

49152:LwhjQvlkv0AQVfSG6oBd1f+XvWRZx+mT8QQaNxz9uhM/h:8jQvlk8AQ/bpfiyZx+mQQQe0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9d85b953a652da4e88e5802af1306307731c2675975b25b4b0dfc548f1903125

Files

9d85b953a652da4e88e5802af1306307731c2675975b25b4b0dfc548f1903125
.exe windows:5 windows x86 arch:x86

9e5fd72b2604a9a1c15ba81c18c21ae2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess

Sections

Size: 177KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 656KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

hpbwputx
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jommyszk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE