feb74e768dc8cc7bf98c20ea8f2f23e5c3ffc8e327a41cd21d96bedf10ae7efe | Triage

Sharing

General

Target

feb74e768dc8cc7bf98c20ea8f2f23e5c3ffc8e327a41cd21d96bedf10ae7efe
Size

1.7MB
MD5

b0cf5e71ca872709d9445931c2aaad6a
SHA1

9793982f71ccab73d3dcc6ae13e76e537823f1c6
SHA256

feb74e768dc8cc7bf98c20ea8f2f23e5c3ffc8e327a41cd21d96bedf10ae7efe
SHA512

261f63dfcb6458f923cc0a0272a4bf068c83115ee2e838c79cc3055664959abd65413d3bd216b1a47706c39d7bff45d6b1ecf02d2926a65dde2845795d8e58b8
SSDEEP

24576:oWMA+zJ7Cze7EbuKEEqlA0kce1dJOyZUR0m5K1O8Uu/4cBWEbR+wiWua5UYdcziP:l+zZCzMLKeljkceYyaiQ8d3BVgYdq0L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feb74e768dc8cc7bf98c20ea8f2f23e5c3ffc8e327a41cd21d96bedf10ae7efe

Files

feb74e768dc8cc7bf98c20ea8f2f23e5c3ffc8e327a41cd21d96bedf10ae7efe
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 79KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qxxrqecb
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fstwenvh
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE