00c34f0b31dde0988cfb54b8c7a9292c2af904147783a9f742fdf9850054e360 | Triage

Sharing

General

Target

00c34f0b31dde0988cfb54b8c7a9292c2af904147783a9f742fdf9850054e360
Size

486KB
MD5

859f935971b6bf829018da02f74ec17e
SHA1

8cba747e0444e27d6febbfb810ac0c9d44c34f8d
SHA256

00c34f0b31dde0988cfb54b8c7a9292c2af904147783a9f742fdf9850054e360
SHA512

522b02b2c768b8992153a92fa7acd703fe53a718ccc0a4ebfcddf448d3f700b50db657933b2b1d8ab9edb8c93b8522279e7bc71fd63a5484631ed87984da3c31
SSDEEP

12288:hyPGMfY8CshKmnxlW1NkzPSzt40vbwgzES:hCnY8lhzEkzPSx40vcgzES

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00c34f0b31dde0988cfb54b8c7a9292c2af904147783a9f742fdf9850054e360

Files

00c34f0b31dde0988cfb54b8c7a9292c2af904147783a9f742fdf9850054e360
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\dbs\el\omr\Target\x64\ship\postc2r\x-none\vpreview.pdb

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 344B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.c2r
Size: 512B - Virtual size: 336B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ