ef6985c74c21e438ea0dec039aeb50b42a68dbe69c5dd90a7a4070748bab62f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef6985c74c21e438ea0dec039aeb50b42a68dbe69c5dd90a7a4070748bab62f4
Size

464KB
MD5

1ed5e988dc4484aa2e39cbbc26c527a2
SHA1

211e33a66b82291c964cc99413f0a6d1b7379d3a
SHA256

ef6985c74c21e438ea0dec039aeb50b42a68dbe69c5dd90a7a4070748bab62f4
SHA512

e8b6b69f4b739e767dbdfce1c98f8cc64cac88984669a92f83ade950a81e7e1582caeaa844b0202082bd599a64a7858502f8e626fb24fb79bd14c27f4132f131
SSDEEP

12288:qclc87eqqV5e+wBoO+LheMxKGs6H3QJf6RIx0mf:qcSqqHeVBJQ5xKg3Qkmf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef6985c74c21e438ea0dec039aeb50b42a68dbe69c5dd90a7a4070748bab62f4

Files

ef6985c74c21e438ea0dec039aeb50b42a68dbe69c5dd90a7a4070748bab62f4
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 464B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l2
Size: 229KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ