56e0c41b49e53f6dce88e7840850d14606fe899e88c7e47ba051a80a6bcdb8cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56e0c41b49e53f6dce88e7840850d14606fe899e88c7e47ba051a80a6bcdb8cd
Size

1.8MB
MD5

6c09428fe38376b9ea5f98d6436b5e9e
SHA1

cb39c337b8789ba7e63b7850473a4a05f60152c0
SHA256

56e0c41b49e53f6dce88e7840850d14606fe899e88c7e47ba051a80a6bcdb8cd
SHA512

ad398828c275963ec3057ae3e7a460f6821ff5eaafa7abb45c8408c2bb4932a6262869534bea53b8a36df974d5fec58f23230f7cb4a65f064409bbc1f8f3eab8
SSDEEP

49152:P7g8zg+oFfsCJhEnvJxC/gxjqxCFmSFCzelf1S:dM+oFfJOvJxC/MjqsFhF3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56e0c41b49e53f6dce88e7840850d14606fe899e88c7e47ba051a80a6bcdb8cd

Files

56e0c41b49e53f6dce88e7840850d14606fe899e88c7e47ba051a80a6bcdb8cd
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bjwocefk
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fwuenaed
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE