2021369193d03e836430c3bf64c7fc65cd45f517bfb1415619e4893218b9a759 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2021369193d03e836430c3bf64c7fc65cd45f517bfb1415619e4893218b9a759
Size

1.8MB
MD5

595516c099c878806dfc7202830f2a20
SHA1

d34038346aa80263f2113c6f291e4dd370a100ae
SHA256

2021369193d03e836430c3bf64c7fc65cd45f517bfb1415619e4893218b9a759
SHA512

47c282b3a642b84e8d0eeb719c8264a834ba7818f76b0881057e4742c0be6080a4924094f38bb432d94acda6e4aeb0dec16794ff8cfb25420e5e675770fecf3a
SSDEEP

24576:VPWdMSywCoESv8kdgkPFjGY1oSI5mKe79JbuwKcpeGv1xoee2BoQZR8rGHSL3SKu:3porF1oSEe7bI/YTR8rOy3F5eCip7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2021369193d03e836430c3bf64c7fc65cd45f517bfb1415619e4893218b9a759

Files

2021369193d03e836430c3bf64c7fc65cd45f517bfb1415619e4893218b9a759
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xwrmyutx
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uspqtasg
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE