b84b945835d1e0366c2cff1d6a4ab4b09ea2b5f4f917c594e3a0c3dadd3ae418 | Triage

Sharing

General

Target

b84b945835d1e0366c2cff1d6a4ab4b09ea2b5f4f917c594e3a0c3dadd3ae418
Size

4.1MB
MD5

fbbe365fcb86fb28eea93f350240621b
SHA1

bcb28575ea32dc79d9f80f7c56bdf83f7346b603
SHA256

b84b945835d1e0366c2cff1d6a4ab4b09ea2b5f4f917c594e3a0c3dadd3ae418
SHA512

adb0cc3ca6134360ff8dca6201c1a48585db1cc3bd82b0d6ffb9b7edbfc8a1886729587e0bc51951298e1bab771601e7e8dc14353dfb7b05a8e640818c11c504
SSDEEP

98304:U03FZiKf1n0t3JiKS1Dzkqj0OB09xO3HCkbFvQr:UU9no5i3RzkxOB09xOXxb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b84b945835d1e0366c2cff1d6a4ab4b09ea2b5f4f917c594e3a0c3dadd3ae418

Files

b84b945835d1e0366c2cff1d6a4ab4b09ea2b5f4f917c594e3a0c3dadd3ae418
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
CoreGetShell
DawnUiGetShell

Sections

Size: 1.3MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 105KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 35KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 262KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 205KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE