f3739ff53879b58f01646f7d49bba3c440243a9d0e9c21c8220d9760f71ec9ac | Triage

Sharing

General

Target

f3739ff53879b58f01646f7d49bba3c440243a9d0e9c21c8220d9760f71ec9ac
Size

2.8MB
MD5

693ece77c0e3fbc32d18393b31bc55a2
SHA1

7608b41ce0d5a18267ce2093134e636d3dca10e9
SHA256

f3739ff53879b58f01646f7d49bba3c440243a9d0e9c21c8220d9760f71ec9ac
SHA512

f748856e303eba664d36b9477bb667ad49d95a4e2ee2a0f42fabb49aeba2a53bf08865599a445c9cd4064165001d428d077693269e4e0888521c178cb51d7d9d
SSDEEP

49152:7itUHkCPzODisHOyIp7U7ychZsO4miN0aMgl6g5xboqIp42E:7iiHkCPzOJJIp74yQZsOZ49MglPfbg22

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f3739ff53879b58f01646f7d49bba3c440243a9d0e9c21c8220d9760f71ec9ac

Files

f3739ff53879b58f01646f7d49bba3c440243a9d0e9c21c8220d9760f71ec9ac
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 159KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

smouarfw
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kausvzmd
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE