f2f34cf13d0bb30963b24ba18b27501ae4d8d32632f8592b5be1c4b565819d12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2f34cf13d0bb30963b24ba18b27501ae4d8d32632f8592b5be1c4b565819d12
Size

5.7MB
MD5

54d22bc30602bbb2e16ceca26a1a8cef
SHA1

6cc9165151cd2c9451610b2ded7d96f670705b67
SHA256

f2f34cf13d0bb30963b24ba18b27501ae4d8d32632f8592b5be1c4b565819d12
SHA512

8a2415114920190a53a0a437e8da959ea9b9d61c56c367278258c0ac85ee56b2b025bdc22d95facd528556e51294b3763ca9c2c59b9e20cc7f17d84c47741f33
SSDEEP

98304:Ce/EdbwXZ24gi4BUuRlk4Vdt0acSLSjy5Kux1myCZ4uFzOthZIQ:CPmKi4B5fRduedxVZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2f34cf13d0bb30963b24ba18b27501ae4d8d32632f8592b5be1c4b565819d12

Files

f2f34cf13d0bb30963b24ba18b27501ae4d8d32632f8592b5be1c4b565819d12
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
CoreGetShell
DawnUiGetShell

Sections

Size: 1.3MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 105KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 35KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 262KB - Virtual size: 972KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 1.9MB - Virtual size: 7.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE