526e3c918055d2bb13e27041204ac2caf34b650f0509ce7518bb9b524081e637[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

526e3c918055d2bb13e27041204ac2caf34b650f0509ce7518bb9b524081e637.exe
Size

257KB
MD5

9ba481a1b9f5195af02140bd81cbf966
SHA1

057b4b7f90f14a8cc4b440167c97eb9477c18e48
SHA256

526e3c918055d2bb13e27041204ac2caf34b650f0509ce7518bb9b524081e637
SHA512

02856d8de67c792f163fd21979adadab11a6b009e2b7ec7772cca11cbf7cf3b750f1515d5891efe763669275b696857cf2c4ad16cfaf71ce08fe46eb64b8e854
SSDEEP

6144:IT6Xfe1rgWaNOdw4bcgj3HJdzpxB/MP5su0jvo:c6Pe1QAdwsXJ9lMl0s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
526e3c918055d2bb13e27041204ac2caf34b650f0509ce7518bb9b524081e637.exe

Files

526e3c918055d2bb13e27041204ac2caf34b650f0509ce7518bb9b524081e637.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Administrator\Documents\CryptoObfuscator_Output\GG776.pdb

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ