218aebb6a74aebc7633d14855dff3fb6e0dee2e5f36916e6bdc432373ff87b53 | Triage

Sharing

General

Target

218aebb6a74aebc7633d14855dff3fb6e0dee2e5f36916e6bdc432373ff87b53
Size

577KB
MD5

3bb56036b1599f05aedf65fd2eb6a4a8
SHA1

dc0f7b06c37cc1a993619978db8622b7e30d5a73
SHA256

218aebb6a74aebc7633d14855dff3fb6e0dee2e5f36916e6bdc432373ff87b53
SHA512

50f016b8f7036b9df7607ef0ffdabbf31dde89fdebc1e99496ded895c49d2748089dee3800ca7f8b06cafa295ee10b89e9f06c4dd3590a2bf1e2c336e1d7718e
SSDEEP

12288:4aHbe7mbjG1C6tx8MwlBnNIvn90Qi0+I8JbykcZHzKBzNuL:4+eL/8bZ80QNLmbPvBzNK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/nmGdVmAxebb5aEP.exe

Files

218aebb6a74aebc7633d14855dff3fb6e0dee2e5f36916e6bdc432373ff87b53
.zip
nmGdVmAxebb5aEP.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

CDvk.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 726KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ