0a71fafb1eaf0db08d406c4ec9254e8b175674ed9dc4e44a303a83c615208776 | Triage

Sharing

General

Target

0a71fafb1eaf0db08d406c4ec9254e8b175674ed9dc4e44a303a83c615208776
Size

1.8MB
MD5

b0e240ae08e6fd7008296290c3ec84f5
SHA1

0313579c5a7132b8249c7cdf6554395c09616cc8
SHA256

0a71fafb1eaf0db08d406c4ec9254e8b175674ed9dc4e44a303a83c615208776
SHA512

4f42b4f57669a90c86770c96fb39d6dc95b679a6f71c7ee6259f875973bcd1370188e136f1031c24059c4d28218aa70acee725815b0312b9521b215152133707
SSDEEP

49152:M3me7AJBxAGbS51p2AcDnFKq4ZFttJxFQDl:M3JD4sp2HGHtxFQD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a71fafb1eaf0db08d406c4ec9254e8b175674ed9dc4e44a303a83c615208776

Files

0a71fafb1eaf0db08d406c4ec9254e8b175674ed9dc4e44a303a83c615208776
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ltwhfqar
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

uqrhezha
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE