49f25f614df142ad35b2eb0f4fd80b1f8b5e1cd9440175ecf1621f3eeac1f37dN | Triage

Sharing

General

Target

49f25f614df142ad35b2eb0f4fd80b1f8b5e1cd9440175ecf1621f3eeac1f37dN
Size

1.8MB
MD5

59ecf8215e767f57839f0c2decc7ae50
SHA1

d8cea78d96926260c787ac2af6f9de4b8087ef55
SHA256

49f25f614df142ad35b2eb0f4fd80b1f8b5e1cd9440175ecf1621f3eeac1f37d
SHA512

4f528980bbfa5e32a9a8ff33a14aa7b6b30f1aef9b0d3287c352d6fdc90b2f5b1501623f7a9426b04b0a88d658da5537aa8e3d0c08321c364dda66c9f80d0edf
SSDEEP

49152:mZEWP3KDkEBE0SCkkjN5zvXAiJ+YQcjglxy1SlFtJ:CPgkEBEYkkZ5LXAi4uEzJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
49f25f614df142ad35b2eb0f4fd80b1f8b5e1cd9440175ecf1621f3eeac1f37dN

Files

49f25f614df142ad35b2eb0f4fd80b1f8b5e1cd9440175ecf1621f3eeac1f37dN
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ifmuaeft
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lyzgvpxh
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE