629763eb39d91bb69848475c90ad1e63[.]exe | Triage

Sharing

General

Target

629763eb39d91bb69848475c90ad1e63.exe
Size

4.3MB
MD5

629763eb39d91bb69848475c90ad1e63
SHA1

dc7b1a7b530dc7c8a22e50836ad747483b06bf3e
SHA256

b493e279c1d18ac53caeca4e865c658c25f256fda1be8a5d9ef33184e67497e0
SHA512

ae32f35381b81bf9242f8ecf0932ecc35ab32d8f113e196f95bf1828bfc8c5ec82214e9c2967af2ca660779921fd2001dc68faf86a52b771d2006d773478ef80
SSDEEP

98304:Iz59801nKEwOdv/4QHqYX/osqMZX2E7EHgk:Oe01nKKHNosdZmIEf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
629763eb39d91bb69848475c90ad1e63.exe

Files

629763eb39d91bb69848475c90ad1e63.exe
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrcpy

Sections

Size: 2.5MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lqffkoae
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wsxqcczr
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE