9b0b645ab046e92892d3c91c1302bc22fa523cba5788ff024498ab7cd972353bN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b0b645ab046e92892d3c91c1302bc22fa523cba5788ff024498ab7cd972353bN
Size

2.7MB
MD5

9f6f7911edd7f83bab1b5d131f4505a0
SHA1

4acf924a798b9c54634d9dc8935bd4457f0c7696
SHA256

9b0b645ab046e92892d3c91c1302bc22fa523cba5788ff024498ab7cd972353b
SHA512

aa2a422c49d4b73654ac543ef3b9855ba7d03aff9aca25b50630f4abfa645e1b5b40cb3dc418cd196f12a29258984b990448dc6fdb90a24827477b921e814e36
SSDEEP

49152:9VyT+P66XbOP/ZzA2DItg1Hoaz6wecYfFkURwlhyAuLjf/IVgs5+xP:STE66yXZ02DwUHoazRofxIhELjf/IVgs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b0b645ab046e92892d3c91c1302bc22fa523cba5788ff024498ab7cd972353bN

Files

9b0b645ab046e92892d3c91c1302bc22fa523cba5788ff024498ab7cd972353bN
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ