509b5dba83f59a21e50f619b1b9133a0b05557db0437e8c89a244c712173fde6 | Triage

Sharing

General

Target

509b5dba83f59a21e50f619b1b9133a0b05557db0437e8c89a244c712173fde6
Size

1.3MB
MD5

fdb21d5dde04f93ad7ec25c0f605e744
SHA1

26616b4eaf687966238051f184478863c8e7cefa
SHA256

509b5dba83f59a21e50f619b1b9133a0b05557db0437e8c89a244c712173fde6
SHA512

1b30a5848d7d6a808e2c6b03c844f0dbe64a277c3f9dfbd6f9720a5842878b19541619e93fb9dc4fc45591624c8739f8bfbf196b81fef1329e16df36da15f882
SSDEEP

6144:K/IqLLxj+Zei/ypAShGhS+yX/HEpgPCbV1fNm3Tx0TpKidq2o7D29fx+J9zyHqYj:+L1DASh4SN/HEp64lQaVH8vaZ/Mwa4Dz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
509b5dba83f59a21e50f619b1b9133a0b05557db0437e8c89a244c712173fde6

Files

509b5dba83f59a21e50f619b1b9133a0b05557db0437e8c89a244c712173fde6
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\dbs\el\oc\target\x86\ship\postc2r\x-none\cnfnot32.pdb

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2r
Size: 512B - Virtual size: 340B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ