5188fdd183194ba6c632c33b013674cf9d4e38712ad6e438147b89b4d4c0fbe2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5188fdd183194ba6c632c33b013674cf9d4e38712ad6e438147b89b4d4c0fbe2
Size

1.3MB
MD5

21b2d6f92e463aa7bd36a39234ed99a6
SHA1

374a6b7e929753ecca28ccec7fc7573376b573bf
SHA256

5188fdd183194ba6c632c33b013674cf9d4e38712ad6e438147b89b4d4c0fbe2
SHA512

b8ec0bbcc303cfe864d97e25990b40d8f7389d0d9877b19dc3fd7bb2ae755f9b6b549d63b3781f9d41d1f2c10f4c9591a38de098be41080cc4b0630648cb110d
SSDEEP

24576:n5/C+XQEzEN/8oN92nfPoogmx4nSSojmgVGBNQ8p+JFCC9gRih811LhiY7o7vKZo:n5/zQsNwpXmx4S6gVGPQ8XC9th81iY09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/Uvaprnrtoh.exe

Files

5188fdd183194ba6c632c33b013674cf9d4e38712ad6e438147b89b4d4c0fbe2
.zip
AMM Consol 020-04860612.img
.iso
Uvaprnrtoh.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ