3abd9925a66cbc91c5bb9b261fe18db081581fd898b1197122c20aabf055474a | Triage

Sharing

General

Target

3abd9925a66cbc91c5bb9b261fe18db081581fd898b1197122c20aabf055474a
Size

558KB
MD5

a56b296b440dd37fdc820a79373ab0d9
SHA1

cc555a9ece05af0a60ebb89e5c392c6dbbedac4a
SHA256

3abd9925a66cbc91c5bb9b261fe18db081581fd898b1197122c20aabf055474a
SHA512

a3a6ef1824d75eacd0342a6d21b0f80bb247ccbbedebdba5e26d1cb04e5ef41be85f758957a5f704cae160e946c2757e0531b1466b0409ccc2c09bd5c2b53186
SSDEEP

12288:cvVX9Koe0T8l++GpoTp2AnNtYyTlOr3++yDuzK4Y/3vw:at7e0T8l+xpoTp2ANtzlOr3+B+4/3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

3abd9925a66cbc91c5bb9b261fe18db081581fd898b1197122c20aabf055474a

Files

3abd9925a66cbc91c5bb9b261fe18db081581fd898b1197122c20aabf055474a
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Xul.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 552KB - Virtual size: 551KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ