4f3ce49bff792a0848d5fdbca2924b64ff58ec9ade1995ad04eebe03305578e4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f3ce49bff792a0848d5fdbca2924b64ff58ec9ade1995ad04eebe03305578e4
Size

2.5MB
MD5

2a9cbfd13f5186976c7bb129ac1563dd
SHA1

593849d75d01f517b0d58230463df8c0c0c1263a
SHA256

4f3ce49bff792a0848d5fdbca2924b64ff58ec9ade1995ad04eebe03305578e4
SHA512

70a516b4c967396e66fee109b67a58280b0b5201798555aa37c77cdae46d657a8f82c5fa0a66b3b1f2df678863c541ae7f581e2105555bfb8467a5b2e3de05bb
SSDEEP

49152:VGfjldldKbfm/hEM/M11sZyJaXlNUfNFfhG828Ou0:VGfBdlYbfm9uflhG8LO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f3ce49bff792a0848d5fdbca2924b64ff58ec9ade1995ad04eebe03305578e4

Files

4f3ce49bff792a0848d5fdbca2924b64ff58ec9ade1995ad04eebe03305578e4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 588KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.enigma1
Size: 1.4MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE