61c9668a897fa26c61a84cbb0c380b4f25ce694398d0db5da624188db83e9f72 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

61c9668a897fa26c61a84cbb0c380b4f25ce694398d0db5da624188db83e9f72
Size

694KB
MD5

43f5598c27b33b6442020a9037fac165
SHA1

28b46f67fa3a77be4784c3870e59e0ca44873562
SHA256

61c9668a897fa26c61a84cbb0c380b4f25ce694398d0db5da624188db83e9f72
SHA512

dff4bbaab6f7b3958b405d1931d694572af7e769733a4c16dd479e96840416c1621cff6c69e05914d4dbf740bb91acccd9b42f4193b2e9619728a9fbadd00097
SSDEEP

12288:/I3bJo3gCPeA/7/GoQS5AzUT3k0LFICr3d6n6Zo9pIvp/IT5X3YZT5Ay:U9o3gI7kyAsqCk6Z2+R/I3OT+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Contract.exe

Files

61c9668a897fa26c61a84cbb0c380b4f25ce694398d0db5da624188db83e9f72
.zip
Contract.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

OQhQ.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 801KB - Virtual size: 800KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ