748538299004b87c6cbb64ec7a32d5e7b2f547cbbf75726d248b46777fce2b97 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

748538299004b87c6cbb64ec7a32d5e7b2f547cbbf75726d248b46777fce2b97
Size

1.8MB
MD5

9f33e620e552786cd64dd5d1707be00f
SHA1

ebd783ffbc38120a63a3df0eeedd31598d6e6963
SHA256

748538299004b87c6cbb64ec7a32d5e7b2f547cbbf75726d248b46777fce2b97
SHA512

a58db462995712a80544f1f831b182c3b5047d58784d5e73b88810e511687c2c5bd6304c120f3e03d7ba7f5883deeea3a094eef1a1967ec3379e350dd25dea78
SSDEEP

49152:FXNdy0fePSmmNjuY+DXfbe+cTFJ4O1ADYs+l0P:FXhePANClrfl0kDY2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
748538299004b87c6cbb64ec7a32d5e7b2f547cbbf75726d248b46777fce2b97

Files

748538299004b87c6cbb64ec7a32d5e7b2f547cbbf75726d248b46777fce2b97
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pukclrbq
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qzuqivnp
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE