F2AA2A4D52FD[.]exe | Triage

Resubmissions

17/08/2024, 01:46

240817-b61yjstdlp 7

17/08/2024, 01:32

240817-bxyf3azbkg 7

Sharing

General

Target

F2AA2A4D52FD.exe
Size

2.1MB
MD5

5e6fc3a2cd7c3f723695e3478ba56ddf
SHA1

bd5a8713c76c2619758a5ccddbe82a34be613411
SHA256

7505dd8946812d6a40c7f83d46641cfde80afbef2e673dcba799bde486820c82
SHA512

58014c628e4d75afc633de961a6d41079ce9c1401ffb7b4ffe393f25ad2512a2d8c35c7662b61655671b446e4c5942e859f28aba7cacf58997738a3d3a8cbade
SSDEEP

49152:xYGoIToh0/2uTe5j3PweuR+yF/riGjZt12KpT85vanLIsadl4r1Gtld4qpnJX+Z9:xYVFGde5j3PvAx9yd56LIsyEQD3BM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
F2AA2A4D52FD.exe

Files

F2AA2A4D52FD.exe
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 47KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xmsqbsjw
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

sjgovuwp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ