65f75ee79e0e4dd7a199eadfc5ccc337eb4a830d064ec9e4c66b63297d8bca36 | Triage

Sharing

General

Target

65f75ee79e0e4dd7a199eadfc5ccc337eb4a830d064ec9e4c66b63297d8bca36
Size

169KB
MD5

e6e08021ab723911c125aaa41e9e498c
SHA1

bc0787835d7324b02da0dd3e285acd90d442b6ab
SHA256

65f75ee79e0e4dd7a199eadfc5ccc337eb4a830d064ec9e4c66b63297d8bca36
SHA512

249e5ed74f74f5269d864839620a1f81e25783e122ee20df0e00c8278a8ddc8652dbadd7538bee3ef1e5ff54f776a6cb111ac7cb696f70049386e0fc5be87b1b
SSDEEP

1536:HYNndKj8fKeVPkFJeKT4W+UcTJ0ffzSeXIv1zSBF89HZzQGdTaOL+afoBJlXQp+p:1j8frmdcTOVKpIFG+GdIKoZi+EY9F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65f75ee79e0e4dd7a199eadfc5ccc337eb4a830d064ec9e4c66b63297d8bca36

Files

65f75ee79e0e4dd7a199eadfc5ccc337eb4a830d064ec9e4c66b63297d8bca36
.exe windows:5 windows x86 arch:x86

1e514447f004e9505dc193777ba8a65d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Source\plug\Shell2\Release\Shell2.pdb

Imports

kernel32

OutputDebugStringA
Sleep

Sections

.text
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 225B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ