Virus[.]Hijack[.]ATA_virussign[.]com_d3c941e0a4139779815a4aca8c01d7b8[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Virus.Hijack.ATA_virussign.com_d3c941e0a4139779815a4aca8c01d7b8.exe
Size

111KB
MD5

d3c941e0a4139779815a4aca8c01d7b8
SHA1

10c3b1b7740557d593ec90ed1f1cd3b1e29c684c
SHA256

f0581cb36ea3b188c4d80f9ebba2446d6b2ed33d92f682983c306942f0dca5fa
SHA512

400fc0388f5f67382270f868020f9998cbc79361af4d52458122743989a8cf1222f4489fcd5c1ead95013981791378d182952fd4618ad513ebb551d8e0bb10d2
SSDEEP

3072:X/t2U0aKmTeNgbuyde3E9pui6yYPaI7Dehib:vtamDg2pui6yYPaIGcb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Virus.Hijack.ATA_virussign.com_d3c941e0a4139779815a4aca8c01d7b8.exe

Files

Virus.Hijack.ATA_virussign.com_d3c941e0a4139779815a4aca8c01d7b8.exe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 122KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ajelhf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ