389df27a4c0a96ccebb77722d502ba46b74be45f1b6a39189716deb76b0e8d4a[.]exe | Triage

Sharing

General

Target

389df27a4c0a96ccebb77722d502ba46b74be45f1b6a39189716deb76b0e8d4a.exe
Size

1.8MB
MD5

bc555453e167161e80e5d71952110fb8
SHA1

ced441305778199ae6039b36f12137059c20f3f7
SHA256

389df27a4c0a96ccebb77722d502ba46b74be45f1b6a39189716deb76b0e8d4a
SHA512

20bca4de5fcd8b1da7d608c27eec7bff218e01b71225c9bb612cf0bf11a4efdf4c3a019da421a84ee60f883ad2d68a9a017b8ff57ea6f340850c739d0198035e
SSDEEP

49152:zjJImEgOClAU4Q2Aqyp8NMF+1OcMUaeBQuU9sEF2C4oke:xIyh26deA9sU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
389df27a4c0a96ccebb77722d502ba46b74be45f1b6a39189716deb76b0e8d4a.exe

Files

389df27a4c0a96ccebb77722d502ba46b74be45f1b6a39189716deb76b0e8d4a.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 151KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ywhcmywm
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xzxnvjwq
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE