fedce8ea50d86f45203948ba2f241857546c50584f7786e6d55652100aa043c5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fedce8ea50d86f45203948ba2f241857546c50584f7786e6d55652100aa043c5
Size

1.9MB
MD5

3a71809e4ec006fbbeac7ebc3677a52e
SHA1

c6b21484454921cb44183bab46290a76650d827b
SHA256

fedce8ea50d86f45203948ba2f241857546c50584f7786e6d55652100aa043c5
SHA512

1841b87b528ed6da1cce01e606ee5a17e48f7b773748bf861c11391a3f0e6ad6e7bf6853ad7a763fbc939dca317699886d69b1a3b21fd75a569af66d3614197c
SSDEEP

24576:SbFQnI+kMF6je0X+Aq8pq13Cg3qfT7d8tzAQa28RqiR60Nvr/0EFUj+gyj1cZYF:IFQn5kc90QEMcfX7/28RiOvL0Ih5CZ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fedce8ea50d86f45203948ba2f241857546c50584f7786e6d55652100aa043c5

Files

fedce8ea50d86f45203948ba2f241857546c50584f7786e6d55652100aa043c5
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

coubesiq
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ydhwqmem
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE