ece898dbf4ca20a4101874b727229cd21345ccd70aee4eff6a8969562a1b12c0[.]exe | Triage

Sharing

General

Target

ece898dbf4ca20a4101874b727229cd21345ccd70aee4eff6a8969562a1b12c0.exe
Size

1.8MB
MD5

c80e20ddeb793a58a17dbfb8c9c26270
SHA1

9f3febbd34b418272e00dd705bda25de5976974c
SHA256

ece898dbf4ca20a4101874b727229cd21345ccd70aee4eff6a8969562a1b12c0
SHA512

47dee3e3103b3fa8863f48cd60bf7aa41cd8526fb06d6c7b5186734f3b8f3f46bc40d884e973d25da91b63b19165bb6c12afcf35e24d057a611182ed2d5386cb
SSDEEP

49152:y+sy9MOPtKHghDQPlpt1KaCxwVNj+E1LE64drqwT7:yo2SQgaPrtPDV8E1gFNT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ece898dbf4ca20a4101874b727229cd21345ccd70aee4eff6a8969562a1b12c0.exe

Files

ece898dbf4ca20a4101874b727229cd21345ccd70aee4eff6a8969562a1b12c0.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 151KB - Virtual size: 372KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qzkxevgy
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nqymejvt
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE