81ccbbfcfd5e8991632a16d6b4d28b36ef74409773b3e5622cf58cf43638ce07 | Triage

Sharing

General

Target

81ccbbfcfd5e8991632a16d6b4d28b36ef74409773b3e5622cf58cf43638ce07
Size

2.0MB
MD5

31c844530d857c4266248543c40284cc
SHA1

97f7aae6867695e025abdc5e1a7d446d7c5b875f
SHA256

81ccbbfcfd5e8991632a16d6b4d28b36ef74409773b3e5622cf58cf43638ce07
SHA512

8ea1e7b81251c07032a4d78eff745f316e7b9a28ca3e003de63ed4190589d85f8f25ae512e0f4f95b5388d92ed38da954c517b996c381f51c237a437123a482f
SSDEEP

49152:/nNForSjuTyy880u4Ld2ZxkryOFAMsfcCNxvBdVl46Pu:/nNCrSjUvUuxEAMBSrVP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
81ccbbfcfd5e8991632a16d6b4d28b36ef74409773b3e5622cf58cf43638ce07

Files

81ccbbfcfd5e8991632a16d6b4d28b36ef74409773b3e5622cf58cf43638ce07
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 413KB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fvvfrivq
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fjsconsa
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE