Yel3NaHGSpPRcV[.]exe | Triage

Sharing

General

Target

Yel3NaHGSpPRcV.exe
Size

2.4MB
MD5

027834b2ebc7f1b02143d8e7f8c17aab
SHA1

c4d19cab893e0fcb19d5de25e26e441faceb88ee
SHA256

5b740dd5064d571eb065d94e252b11dd2c5ff0f82e7932c06c4acfd55e5a0cb1
SHA512

0c87b7ddc9ec8b32ed9a787cb633d232cca78cb58d0b42fe2ffc7206498d2121c608b45b6f5cc696cf96d2b771385036abfb2b19b6d1a6d6d133dc7a867af353
SSDEEP

49152:P2TxAt739Kik+gzh+VWNBmsXn1JObl7J6fDKz0vqsS8+5wYAeU3ki65n3e2:nh39KhrykBmsnOL6L40/S83sx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Yel3NaHGSpPRcV.exe

Files

Yel3NaHGSpPRcV.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 147KB - Virtual size: 147KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ