def989b013aa8d0fb99cf99ac288482a727c7a0324abba92462ed7ee85e9efea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

def989b013aa8d0fb99cf99ac288482a727c7a0324abba92462ed7ee85e9efea
Size

1.8MB
MD5

ddb315ebea8f098e49def20ee0794e42
SHA1

e769bd1f82bdd71ca26e996724cf8ef61b0a453f
SHA256

def989b013aa8d0fb99cf99ac288482a727c7a0324abba92462ed7ee85e9efea
SHA512

306dc6296478b1f0bae2c80bdb60b17b7a212e9b0ae8b5cb926555ea92c4c0b940e4f2897782aca31e8bef227a3f069d3a73119cafd572b49baf16bba6b07432
SSDEEP

49152:JYXtDQL7RO3LObaCG/gJ+4c7GBJd3cgMB6Zv7bcau4y:JgtDQL7so8R7G3CHEZvnju4y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
def989b013aa8d0fb99cf99ac288482a727c7a0324abba92462ed7ee85e9efea

Files

def989b013aa8d0fb99cf99ac288482a727c7a0324abba92462ed7ee85e9efea
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xvreyfak
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

yxicprsr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE