b4db52719419f608b6b9d01ca88942cf1e27dd03b5509d8b1e36c6d9f1925b3a | Triage

Sharing

General

Target

b4db52719419f608b6b9d01ca88942cf1e27dd03b5509d8b1e36c6d9f1925b3a
Size

2.0MB
MD5

373d339bb9c741b43730b49fadb09b3d
SHA1

17cb28512e8db596f3273f41539d5880c2e6ad2f
SHA256

b4db52719419f608b6b9d01ca88942cf1e27dd03b5509d8b1e36c6d9f1925b3a
SHA512

789331b6eecb5b6cc71026b2a4d52ae836b673741cad36a531391bdcad03df445f6fc179ba19ab632aa9a6fda4604f2f4cc94d5b4c871b7d344ee3bad8d7fcbb
SSDEEP

49152:fhXOAsSRZihE+7ahenLLeMKO4BtLhEkm7fjPREX:5jsuZiTL5K5DlAfDqX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4db52719419f608b6b9d01ca88942cf1e27dd03b5509d8b1e36c6d9f1925b3a

Files

b4db52719419f608b6b9d01ca88942cf1e27dd03b5509d8b1e36c6d9f1925b3a
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 413KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aasnfmze
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

jsaokujr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE