de925d19eb1ca5e3e5d3f222265357523f91b859a5ae30087bc588bcbcf0bdab | Triage

Sharing

General

Target

de925d19eb1ca5e3e5d3f222265357523f91b859a5ae30087bc588bcbcf0bdab
Size

1.9MB
MD5

26cdd93ab5aa02332cd33c0282beba9f
SHA1

dbe088a6a212f0bb38b01a4ba7e1b4d1e2d06438
SHA256

de925d19eb1ca5e3e5d3f222265357523f91b859a5ae30087bc588bcbcf0bdab
SHA512

a8e45e60e2a4ad0ed0b8f7462f5a6abe3a7ab8a58be9762acb849adc16d09af47b7206aa4d096192a673c3e570d45c2d55853b1453b114102d51b7b753382955
SSDEEP

49152:6wsNTwnR1z6iK3VQfFMkn3mCz5wIuicZ:6w6ToDgiMknWw1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
de925d19eb1ca5e3e5d3f222265357523f91b859a5ae30087bc588bcbcf0bdab

Files

de925d19eb1ca5e3e5d3f222265357523f91b859a5ae30087bc588bcbcf0bdab
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xurofytt
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

grrkfeao
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE