0911c94ce0979522999ab8e796c4e5a3db35cdab27dfd208902c24f77556a967 | Triage

Sharing

General

Target

0911c94ce0979522999ab8e796c4e5a3db35cdab27dfd208902c24f77556a967
Size

5.0MB
MD5

1cd88ba6c43ec0f578f261746327cc9c
SHA1

d2c1d38a835fdfc81be5739ae5b863a663118346
SHA256

0911c94ce0979522999ab8e796c4e5a3db35cdab27dfd208902c24f77556a967
SHA512

1b64ec2e8f48a6486836e5eeba530973317d3f468c3ae00f43b06c0254e9d200c8504d9ac2f17b8220d8fa5b1496bb934f9c950e2616f85fbf7a82192f014ec0
SSDEEP

98304:X8nLpn2Y/JerNUDz7zuLRSF20AUSU7S3T24:snLp2lRSk0AUtw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0911c94ce0979522999ab8e796c4e5a3db35cdab27dfd208902c24f77556a967

Files

0911c94ce0979522999ab8e796c4e5a3db35cdab27dfd208902c24f77556a967
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

csrlwcus
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

amtrozjl
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE