General

  • Target

    scan_241205-801_draft_PO.exe

  • Size

    1.2MB

  • MD5

    16df1bbb45f31ef099862d1df04b9741

  • SHA1

    e9c1056bc30a3817d84656a944b39190cbb1b7c9

  • SHA256

    b5486818c1913895b913ace02e94fee62a6468b3df96abd6c75c863499873dd2

  • SHA512

    083ed41b277bfdaa0876c756868acb0286d22eb498aa4f18638a258a86559ddc6bce35d777b259f71b7d392291d5ee0ad346671931c562c89bafc4c555d877cb

  • SSDEEP

    24576:tmwFwYo/knJ5vkeSTejf+WNvXgd93W0wbenPc15QClzZ:gkVosnJSeSTw+WNfgdlZ0iPc/Q+zZ

Score
3/10

Malware Config

Signatures

  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • scan_241205-801_draft_PO.exe
    .exe windows:4 windows x86 arch:x86

    b34f154ec913d2d2c435cbd644e91687


    Code Sign

    Headers

    Imports

    Sections

  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    fc0224e99e736751432961db63a41b76


    Headers

    Imports

    Exports

    Sections

  • Komlk.sis
  • Mantid65.cel
  • Montclair.Hys130
  • Rneblikkets.Nom
  • gabby.def
  • hell.fyr
  • shylocking.gri
  • teknikumingenirs.ung