486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96 | Triage

Sharing

General

Target

486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96
Size

1.8MB
MD5

a7323bcf0df71286fa3156cefb8e3049
SHA1

e9dd309d06cd5f9bff60fc4dc914fe9672193c61
SHA256

486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96
SHA512

9143e73a9ccc52305c8c43a0397f8f47caeaf8a1953a96cf962890bf9757b5a9bb03e3b169612f8e7011757d20698662ae3f18a375c6baf380c792c4e27e6ae1
SSDEEP

49152:QoUMXNA6rEDrof7gzSdeRmeyC/0H9+q3uEoq:QpMXNA6oIeSiJyECH3Qq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96

Files

486d31298b8392f4d62679ad3e5bca6f0fff1deda78851367021376c6a3c3d96
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wcjrprme
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

aczpyjwy
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE