General
-
Target
dump-66d4710bc47954f9f17e80c3
-
Size
4.8MB
-
MD5
b33761bc9eb580be0077a3105e8280f1
-
SHA1
1b0072167c07deb5646b1bce1ebdd5201a4808b4
-
SHA256
749b0ef80d5b19139b3977240fca3b7824f4fdd1eafc2d315967129efc3a8a1e
-
SHA512
5895329101be1e19f3fea8d3197dbe308227281eecb45fc7b02ce1d0c6f7c5c707427cc8af7f991f97892f50f6c5538d00560a77ac6c8f935604cc112ddd23fd
-
SSDEEP
98304:gHWM4iUjZ3kk5t9Pbs4kIr63flFVcaf7O2Si1hu:gMuIr63f9caDOZq
Malware Config
Signatures
-
Amadey family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dump-66d4710bc47954f9f17e80c3
Files
-
dump-66d4710bc47954f9f17e80c3.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 183KB - Virtual size: 416KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ijcvunku Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
diyhzvsh Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE