5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893
Size

1.6MB
MD5

47fba6325c6c368d956be7ccafb06c9a
SHA1

30cbf652787ca93fff2da7032c35218842cc0cf8
SHA256

5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893
SHA512

9076daf8dfb326c43ca667e8b9529171da4f1e62ef6592ced40571041e864ce41e3c97e361c0e0e72574fd401c97bab13b0c0053f70ce9ea52139adf86ff4c29
SSDEEP

49152:twdhgYXFDNKU/20ALN+ZrYdA4xG+h94eG/:HuNV20oNGj4xGfe6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893

Files

5efc57b6f3240b25eba5615927ef3470cdabdea9815bf80488c50942756bd893
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

qlfH
Size: - Virtual size: 3.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

XCCM
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE