24ab046a0e39a3b54238bbb48c2f0f6856e4273e5e80b2216142a6552268aa89 | Triage

Sharing

General

Target

24ab046a0e39a3b54238bbb48c2f0f6856e4273e5e80b2216142a6552268aa89
Size

1.8MB
MD5

16d1fb601f8104b5cff5570cff7a2153
SHA1

bc2e369824a2b1478861dcd40c352386d232f399
SHA256

24ab046a0e39a3b54238bbb48c2f0f6856e4273e5e80b2216142a6552268aa89
SHA512

cbf91f46ea09b7c2c4899bbee7d7c81b5ab6a6867b727f901573d05f43741af4a16c9b3ed0b0ed18fcf3e5bea66667e8cf2f998b953b78d29557a8426fd575eb
SSDEEP

49152:FMaY05AymRRIpKt9YGd8tU8aWNweU2lBuE+Bm:2b0OI0gJtVNvd2k

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24ab046a0e39a3b54238bbb48c2f0f6856e4273e5e80b2216142a6552268aa89

Files

24ab046a0e39a3b54238bbb48c2f0f6856e4273e5e80b2216142a6552268aa89
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ccskfsxs
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gwtprlfp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE