af008f192b749a5630b4a11bc56b9caf202e0d7943e1943f7b14024355b05a05 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af008f192b749a5630b4a11bc56b9caf202e0d7943e1943f7b14024355b05a05
Size

6.7MB
MD5

bd830e51ca6e610dd188495d2ba1d96c
SHA1

069ea39db5ee1a0ae18245b5f07208c3c0843619
SHA256

af008f192b749a5630b4a11bc56b9caf202e0d7943e1943f7b14024355b05a05
SHA512

ebb5fe284859d93e62a7c95d88a3a4140180d6aceb1fda60813face42c985d6ab079b4828ea8efefbb24eb7ce64aa8906423002ce64050f2d8ebb07ed10d75a0
SSDEEP

49152:nVD0YdsE6eMAPEphIoBQ4YegwdHjjzb1rzIahKxF7qBfWabotx:N0k16eMAGIoBQmBjafoh0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af008f192b749a5630b4a11bc56b9caf202e0d7943e1943f7b14024355b05a05

Files

af008f192b749a5630b4a11bc56b9caf202e0d7943e1943f7b14024355b05a05
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

Size: 2.5MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 64KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.winlice
Size: - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ