b98005ba49c3d5ad4576b26f12dd16f4bf860f253f7c9f6e7eabbd0842ef4cd1 | Triage

Sharing

General

Target

b98005ba49c3d5ad4576b26f12dd16f4bf860f253f7c9f6e7eabbd0842ef4cd1
Size

4.9MB
MD5

d43657f2c89c01967280fe9f9e87e10c
SHA1

9698fd6cd6aeccd56fcb403e47a222b7a30c5027
SHA256

b98005ba49c3d5ad4576b26f12dd16f4bf860f253f7c9f6e7eabbd0842ef4cd1
SHA512

b4d720e93a1ba67e08d06c5bedcd5de3d587dae9df29f41afcfaf2608bc87b917b599887fd1ea67ff3c7150abaec023b5e46bb5e4144db952233c063ca3fa29e
SSDEEP

49152:0xIjJiylyln4/Q/8H2FGVUQvh9RpkF+Oj4+3+LEFEmAUMVR:OI1iylyln4/88H2FGVUQJ9Anj53GSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b98005ba49c3d5ad4576b26f12dd16f4bf860f253f7c9f6e7eabbd0842ef4cd1

Files

b98005ba49c3d5ad4576b26f12dd16f4bf860f253f7c9f6e7eabbd0842ef4cd1
.exe windows:5 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aatskpkr
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

acbedpmw
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE