b7828dd79ba9edc79def290472e98857282a314ecd3dc30f5a050749a6a47227 | Triage

Sharing

General

Target

b7828dd79ba9edc79def290472e98857282a314ecd3dc30f5a050749a6a47227
Size

2.7MB
MD5

32002d72d0769b00500155759da96aae
SHA1

9e00292c00b1551a6d4120005c2e09065fd58b08
SHA256

b7828dd79ba9edc79def290472e98857282a314ecd3dc30f5a050749a6a47227
SHA512

56b25fa079232a59937e81fc9767db953122da2025d9f856c4c7f38a7a78a5ff27215d047e7bbf87c97f645a4153abd53f4c8375f0d7c36e8c0e1ae2f975fed6
SSDEEP

24576:Pyqj5+Wi9RTts97v12lTgYMqaHh/L6kQoNBkyPRQASVYLNrmktkj/AmTG7A3Vc4B:Py25+rT8hznyYCAfAeanR/Nh4NsjNc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7828dd79ba9edc79def290472e98857282a314ecd3dc30f5a050749a6a47227

Files

b7828dd79ba9edc79def290472e98857282a314ecd3dc30f5a050749a6a47227
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 90KB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

kxlgauze
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nsmhjqhk
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE