d2bec93259b0048a6bc7b0c1614029d2897794566f862110909bee415947465a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d2bec93259b0048a6bc7b0c1614029d2897794566f862110909bee415947465a
Size

1.8MB
MD5

1229a925b3358d31348a2334e136f1ab
SHA1

3681c2d5a4a8aa8b4aedab81ed22e591685a7c5d
SHA256

d2bec93259b0048a6bc7b0c1614029d2897794566f862110909bee415947465a
SHA512

6337a3ad50e231630893975a57ccd799580b8fbf220dd6c166a2931a6dae8d8a6f98d9ffcf9093e6fd25ad2aeab9e09f31cc35eafc6a82c30e3ebac0fef79248
SSDEEP

49152:JJ3J9TiHYeBdwOZQphN+fPy4HnPNBfBEjO8R:3J9TirBZQjN+y490OY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d2bec93259b0048a6bc7b0c1614029d2897794566f862110909bee415947465a

Files

d2bec93259b0048a6bc7b0c1614029d2897794566f862110909bee415947465a
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

akpmrfqj
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

gidmojtl
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE