9f8c0914b7ccbc74bbeef57647d359869d420db4e7e64c244d9b702b05194dbdN | Triage

Sharing

General

Target

9f8c0914b7ccbc74bbeef57647d359869d420db4e7e64c244d9b702b05194dbdN
Size

2.0MB
MD5

36b01d1cf665eb15eb9c6b4fe5155dd0
SHA1

37cc4f1e0d628d8f9d249b19a6a38a3733032d0a
SHA256

9f8c0914b7ccbc74bbeef57647d359869d420db4e7e64c244d9b702b05194dbd
SHA512

d54decab11893e73282772e71f01c5eaff15758d053c0d06304ab9fe17bf5267b36afdf052398c804a8671939ce42adaa7ee4b4d5b271cd57487374ef35f2375
SSDEEP

24576:g320w4Fz884k9dISIC9Xt1xQ/RMTByL2RxUE6mlVe9Mfsym7rkx8J6UiLRymtKhx:gVFYtk4sd1xQgR1hlVe9MU8MSXW1h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9f8c0914b7ccbc74bbeef57647d359869d420db4e7e64c244d9b702b05194dbdN

Files

9f8c0914b7ccbc74bbeef57647d359869d420db4e7e64c244d9b702b05194dbdN
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 413KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xhnrkthp
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qwkyfitr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE