100aa6063d12aea248c5de1c7f6a8b8196bedcf00e64ffa6567fd57b6f70bfa1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

100aa6063d12aea248c5de1c7f6a8b8196bedcf00e64ffa6567fd57b6f70bfa1
Size

13.0MB
MD5

b6bb0d1e17c7541e46719e0a2f35631c
SHA1

84ccd1430c911b57938444edf3b9c5d7c062325e
SHA256

100aa6063d12aea248c5de1c7f6a8b8196bedcf00e64ffa6567fd57b6f70bfa1
SHA512

34766217f88e10f13b4cb083bed588a1bf5c37cb33b75bdc1d46e9097300662dfd84c941947db107fb53c3b6dc27a4f19f0cc175f3c0610fc87bce855ada3158
SSDEEP

196608:2NjRDfDo7aQGFTZiX0uXNjRDfDo7aQGFTZiX0u7JFlzwxEKizG5mBqVRgt:gfD5VofD5V2xzwxEZzPBqVR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
100aa6063d12aea248c5de1c7f6a8b8196bedcf00e64ffa6567fd57b6f70bfa1

Files

100aa6063d12aea248c5de1c7f6a8b8196bedcf00e64ffa6567fd57b6f70bfa1
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 396KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 495KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 293KB - Virtual size: 293KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 177KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.enigma1
Size: 9.9MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 300KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE