91a9121e603a99e319a085831a57e15e1d1566eb32f422c4c47ae01ae0144f5e | Triage

Sharing

General

Target

91a9121e603a99e319a085831a57e15e1d1566eb32f422c4c47ae01ae0144f5e
Size

519KB
MD5

df030eca3526491b85b4486316d7c073
SHA1

dcb9cdbadf3cd42b7243762bbbc9b3f9c1ae689a
SHA256

91a9121e603a99e319a085831a57e15e1d1566eb32f422c4c47ae01ae0144f5e
SHA512

36e25d030b96a3a7d1c7cabb9a8e6ff8b40361becbaa24531368c2f49661d38568913f093e6c837778ffd65222b4cc165482baf97074e8b857bb7e45e7e0e6c7
SSDEEP

12288:ScGbZlfd0taD+hrDY8qT2s+H9y5XwpYFJ+PxAhJOwj8W:S1aUD+hrDY8hsa90APPcJd8W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
unpack001/List of gchain fall hoist needed for quotes pdf.exe

Files

91a9121e603a99e319a085831a57e15e1d1566eb32f422c4c47ae01ae0144f5e
.rar
List of gchain fall hoist needed for quotes pdf.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 808KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ