scan_865784UU[.]UU[.]rar | Triage

Sharing

General

Target

scan_865784UU.UU.rar
Size

654KB
MD5

ceb568e2081cb798004db61d8a9ddc5f
SHA1

3dd9da21da0f70abf498562feea76596168adf28
SHA256

004af6a9a8743250057ea5199c4764ab4d0c472babc5bfbb3b37beb74a4ca986
SHA512

42c958d149316f47d5a0b171920dacc58d833f2f1159281894b86b82a2b46d8a2b1655220fd9c10cb989fc0b959d76d617a6c0d82ef5c99e75f80f6e5914527a
SSDEEP

12288:L+ydmDlNQOMu9GRqXDR6qB63gYCmgYnZAyuuFqsFQBBeRkO1RYVZlRf+v/94ea:aydtOMu9GRqXN6DQYq2vrFQp2W1faQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/scan_865784.scr

Files

scan_865784UU.UU.rar
.rar
scan_865784.scr
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

FwdV.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 748KB - Virtual size: 746KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ