35e99f99c7e30d2d5ed1adedbf598b533f5805bb3ee0997015358e45bb8f5586[.]exe | Triage

Sharing

General

Target

35e99f99c7e30d2d5ed1adedbf598b533f5805bb3ee0997015358e45bb8f5586.exe
Size

432KB
MD5

3d8e9d825cb44b5dede5c0360587c511
SHA1

d04ca15750b7accb20cc0caa22f5e7d942ea4e43
SHA256

35e99f99c7e30d2d5ed1adedbf598b533f5805bb3ee0997015358e45bb8f5586
SHA512

1998022129f43c3a3286b22f2d60f25414bae95891b09f99ca61becc5709e814a1cc647361f5647001d44501886d7c57a5e369fa5065f0957d822c5d7664e537
SSDEEP

12288:oVq6C5uyTi+Zrsb/+SBlgwAMMu2nXPHdirdI:4q6CHlCb/nXTqlnXPHdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
35e99f99c7e30d2d5ed1adedbf598b533f5805bb3ee0997015358e45bb8f5586.exe

Files

35e99f99c7e30d2d5ed1adedbf598b533f5805bb3ee0997015358e45bb8f5586.exe
.dll regsvr32 windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Exports

Exports

DllRegisterServer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 452B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 398KB - Virtual size: 398KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ