679274775[.]exe | Triage

Resubmissions

11-08-2024 07:22

240811-h7jtzszgpj 7

11-08-2024 07:09

240811-hytylazejm 7

Sharing

General

Target

679274775.exe
Size

9.3MB
MD5

7100552fabd6e49474b3341b69c0d708
SHA1

b5a147984b0241c06ef2db482f333c8c65bb010c
SHA256

caaf0887d7aca0615b2f777f06517f3944f4636e3ebcb2699eadb073c2a065bf
SHA512

0f490a816eab97675744a7c7852f67ce4f6af0dc24141bc81a0a05d1e202c4883ac67082b8ff720998c7726c40d683f94c319a0c5cbc9c032f02bd19e01b30b9
SSDEEP

196608:+gtwdG8TLGdZl7jv1Qs6y7EmsjSTaWOHRyesC4C1Cvg+a8:LtJZl7rGw7wjSTRysC4Vvza8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
679274775.exe

Files

679274775.exe
.exe windows:4 windows x86 arch:x86

f661d51b716b01821c34ea37a2a8ea0c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA

user32

GetDC

advapi32

RegisterEventSourceA

mscoree

_CorExeMain

shell32

SHGetDiskFreeSpaceExW

comctl32

DrawStatusTextW

Sections

.bss
Size: - Virtual size: 14.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 103KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE