11c62b8004d4b334202c7e5546ca3b88[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11c62b8004d4b334202c7e5546ca3b88.exe
Size

14.9MB
MD5

11c62b8004d4b334202c7e5546ca3b88
SHA1

60ad5cbe9104fb5c14d171d24c3e1e9269bdbae5
SHA256

7056b770005321314ab761af6dcaa312762d1f0b88cbd5d812697a02f612380d
SHA512

8c4fc23373601935c0f2d69e7fa1fd4d10e83884519b826c681c92f45397536199b5abad07286abcf92e99141e3a7c98088145c66908fd349b75f65577af2015
SSDEEP

196608:8JOrT46jzjPgWaTS6UicEScCSBhsqmY4uz14QVfoE5FmPlLaCCgeQyv4BgZSE0:8krHjPPg1IYHCSBhGY4uOwmPwMjr1z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11c62b8004d4b334202c7e5546ca3b88.exe

Files

11c62b8004d4b334202c7e5546ca3b88.exe
.exe windows x86

d02a2f25794b88116dec9ed5298f35b0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

memcpy

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
GetModuleHandleA
LoadLibraryA
GetProcAddress

Sections

.text
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.@>#
Size: - Virtual size: 8.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.N\o
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.5;9
Size: 14.7MB - Virtual size: 14.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ