b39aa63d0f0e157d2807d2a16b5dfd40N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b39aa63d0f0e157d2807d2a16b5dfd40N.exe
Size

5.7MB
MD5

b39aa63d0f0e157d2807d2a16b5dfd40
SHA1

aa22428327a70e816f8437110e211418c1a6b6d1
SHA256

35d57582bbffa41cffc49ac966dc3c46e5473c7e524a66357fb551c79f32faeb
SHA512

c39e13315eb4c32a377c0d181e9c4b53adde29a4c1b19e8af3b2bdd44a04333b9a9c6d1b682c17b2f2a3b3ab2c455f7e753f7ae86a82a76879ac8c6d713ea465
SSDEEP

98304:haPBEDUILsu1SEs+vSK9NZ84fniLdhlQzS1sEAnd9EcO5Pt49ErcHS2yyebsLen:hABEZsubx9NZ8vOS1sEqi4i4HSmeXn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b39aa63d0f0e157d2807d2a16b5dfd40N.exe

Files

b39aa63d0f0e157d2807d2a16b5dfd40N.exe
.exe windows:6 windows x64 arch:x64

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

Sections

Size: 1.8MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ejuzqzth
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qwlvyqpc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ