14b476109945453aa025206c5c39059ff3f2330d5445a84d6316211d065ac07f | Triage

Sharing

General

Target

14b476109945453aa025206c5c39059ff3f2330d5445a84d6316211d065ac07f
Size

4.2MB
MD5

15e76f64668979830f72dccc829dace5
SHA1

d868b430e7656fbf4de12015ff6b5726fea4de65
SHA256

14b476109945453aa025206c5c39059ff3f2330d5445a84d6316211d065ac07f
SHA512

82486413bdb23923fc3990e18761a2510e1f8fe3957dba20ffc4188d6deb3e1f71e11a797e9872477baa4757823fbde2c565deecc75ae80243c6bda275569daf
SSDEEP

49152:7x/3tmvNXU7e//t+bLJovVIki/fytUp7jozc+cJ0N62tL54AJJSG4dAA3eva6LIa:7x/3to6LKNRinytUpfozc+cJ4hH+I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14b476109945453aa025206c5c39059ff3f2330d5445a84d6316211d065ac07f

Files

14b476109945453aa025206c5c39059ff3f2330d5445a84d6316211d065ac07f
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

gitsoft.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 488B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ