ca31ff7e015e94e5cc4e6c144b865c9015e047355ae78741be6813a78866ed04N[.]exe | Triage

Sharing

General

Target

ca31ff7e015e94e5cc4e6c144b865c9015e047355ae78741be6813a78866ed04N.exe
Size

1.8MB
MD5

1a4e1fae1a3aeef07eac3fd419dad050
SHA1

92007dce6f0f8984074b2644d9c96e0664423611
SHA256

ca31ff7e015e94e5cc4e6c144b865c9015e047355ae78741be6813a78866ed04
SHA512

aa50349edacc9e9259ed314e6adc7c285b575c9a62ab7d1432fd6adc2ba258629b8da705ccfaa81da726f33e1eeb9c98b9f11935ff5ae6d4ddb1d1c9ca15993e
SSDEEP

24576:nXnt4fRvo/+Htel63cZmh9qaIaToYhzPA5oB/qzVSSsZWBkLUmqPTIUiJ:KvFNe0McvqIoIIzzbGwBID

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ca31ff7e015e94e5cc4e6c144b865c9015e047355ae78741be6813a78866ed04N.exe

Files

ca31ff7e015e94e5cc4e6c144b865c9015e047355ae78741be6813a78866ed04N.exe
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 152KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xqunxxog
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nitjulkz
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE