2f991471d2eec5a52522038f9d13940cea55071b786ff891ddc56625aa7aeb95[.]exe | Triage

Sharing

General

Target

2f991471d2eec5a52522038f9d13940cea55071b786ff891ddc56625aa7aeb95.exe
Size

1.8MB
MD5

6eed3320b3443bbe0b72d9e4fd7d6b7b
SHA1

a637e639cc3ab16a14ba812ec03316994267a163
SHA256

2f991471d2eec5a52522038f9d13940cea55071b786ff891ddc56625aa7aeb95
SHA512

d3d75e0d95bdf024950b206b49124acc9dff288ebedf7ee2e21838141a319982eaf888e484fe47db23dbfa339c6f489eb3110c83316d42f43ee4eaf6e18acb40
SSDEEP

49152:pGWEtsD/XCCz2p/WrqAKppDfOEL5E/RBefdm3klB4c:pAsCCz0WMZE/PeckT4c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2f991471d2eec5a52522038f9d13940cea55071b786ff891ddc56625aa7aeb95.exe

Files

2f991471d2eec5a52522038f9d13940cea55071b786ff891ddc56625aa7aeb95.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dvokpnxb
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qncgmwxk
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE