b149e535d8306749a60fb00b404ff8e0e90dffcc0c9b6266ae6bd698fcdc0df3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b149e535d8306749a60fb00b404ff8e0e90dffcc0c9b6266ae6bd698fcdc0df3
Size

660KB
MD5

fc2b6a2f030f35c3c351c03f096c82f7
SHA1

7a6f9384bb5cd644a3e379fa7ad142f734de1b26
SHA256

b149e535d8306749a60fb00b404ff8e0e90dffcc0c9b6266ae6bd698fcdc0df3
SHA512

4ddf1233146dc6bb244a8624771bfc174f1a6f50ed92067ae64b03f6603646fd4d212588d831b8d61182684837453fce91e48e7ae1340a522f3eae343afd97a9
SSDEEP

12288:Z9gqI8iyU5t6RqSBdqWfESKqw0YijA4VQGwrvbu2Q2x1/fSQgdpYp0XX:LgTyct1E6qwMj4XDDgdpb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/CV.exe

Files

b149e535d8306749a60fb00b404ff8e0e90dffcc0c9b6266ae6bd698fcdc0df3
.zip
CV.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

YpRA.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 829KB - Virtual size: 828KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ