감자서버 접속기v0[.]02[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

감자서버 접속기v0.02.exe
Size

2.4MB
MD5

bf3b97432310ca538a7db99ee63b256e
SHA1

25abfe7c7d335a8e0fc6acd9c468589d3ef01825
SHA256

301159557edba64a73d081c32f58e8ea1914b08f0ff68fc336aa7958111d0095
SHA512

40b740d3d2431ae049e856ea32ec1729d8ff7898dc4fa52f4d5be7382a39f9609106de86437abb2274935249ceca5b3ce51469b033de097cf76c73b2d5b5054b
SSDEEP

49152:y8avdm2m384ch/8R8u2WWRkdCtAawziU1sNhEFAhqbWS:NW038X/8R8uxW4C4ziUC8J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
감자서버 접속기v0.02.exe

Files

감자서버 접속기v0.02.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorExeMain

Sections

.text
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sf\
Size: - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kQR
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.)kf
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ