c9bda48cab612cf9dfdd23f5e483ca8490cc397e39776dd0dcce65ea8847a3b5 | Triage

Sharing

General

Target

c9bda48cab612cf9dfdd23f5e483ca8490cc397e39776dd0dcce65ea8847a3b5
Size

1.8MB
MD5

7cf1f4552c8145f13d37d55125dc99cb
SHA1

f76cd17dc7e085f3952718694e97091d1b8fc8a3
SHA256

c9bda48cab612cf9dfdd23f5e483ca8490cc397e39776dd0dcce65ea8847a3b5
SHA512

34a94e2c31549687eb55cefc0693d2177d90ad193f93a93241c2364fef9056926ee595acdbdde2ff527d3041118725485bb2c1e0610332f7fc2b171eafdb1362
SSDEEP

24576:lJC31PpNWSdM1LliCaxIsg9otM2/s6glLBHPpOSY47zfS1SbNh4etIqZLxeBY+YG:QyciliJGF9o/sB3x1rVNh4eJsPTwG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9bda48cab612cf9dfdd23f5e483ca8490cc397e39776dd0dcce65ea8847a3b5

Files

c9bda48cab612cf9dfdd23f5e483ca8490cc397e39776dd0dcce65ea8847a3b5
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kkzmtuvw
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

iyhhstup
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE