5b3be63e494a84c956589bf2a1bbd023eed78affab01227b3b7db401dd01d32f | Triage

Sharing

General

Target

5b3be63e494a84c956589bf2a1bbd023eed78affab01227b3b7db401dd01d32f
Size

2.7MB
MD5

f14e97a1abdaf1ff45ba1713e42e5338
SHA1

7856c4aacaad28a8e286ece2a1b1e05b37592ba5
SHA256

5b3be63e494a84c956589bf2a1bbd023eed78affab01227b3b7db401dd01d32f
SHA512

323ac708ed97e349c3764aa1f65ba3fcab18b0f4d4316486e04d4b1a778a530739bdd42871bdc1c11645293cfc8071bb74527004428f5c6a8c8c2fba531a6257
SSDEEP

49152:LpnuOdgE6piCdBpkPwgdTnBKLBE+W58UnlGORA4k:L5uOdx6piCTpkPt1no9Ez8UT2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b3be63e494a84c956589bf2a1bbd023eed78affab01227b3b7db401dd01d32f

Files

5b3be63e494a84c956589bf2a1bbd023eed78affab01227b3b7db401dd01d32f
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 90KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

htxpdfzj
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kcnnugso
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE