996f9de8dfa6102ce8c454fae3055ed71f88c6b0e3fca5cf01917d7426d4a085 | Triage

Sharing

General

Target

996f9de8dfa6102ce8c454fae3055ed71f88c6b0e3fca5cf01917d7426d4a085
Size

2.7MB
MD5

a3167f62b73228ed7426a8d61a1d8e65
SHA1

8bf6c8c90144e23f799db7a82f990f6f57643655
SHA256

996f9de8dfa6102ce8c454fae3055ed71f88c6b0e3fca5cf01917d7426d4a085
SHA512

eb6d9284041877dd3a0a23b1890b3b64aae5b59cbf5cc0366d2e1f73273a77bca06ea8acf7eef2636387a5337df66723edc5ce3046d9f36d4c4973bd21fca3b1
SSDEEP

49152:z2e2Rw0skJ7kKvkoGK7vWFuXyuUXz6/mRDfxpCk4:z2/Rw0bJ7kKvkvKjWFU0jSsDf3Ck4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
996f9de8dfa6102ce8c454fae3055ed71f88c6b0e3fca5cf01917d7426d4a085

Files

996f9de8dfa6102ce8c454fae3055ed71f88c6b0e3fca5cf01917d7426d4a085
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 79KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

epkykmqx
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ffinfxfx
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE