easy_Malicious_06a1f13801afb4f7e27289aaf15656113a83b7c637a06288e40a0cc15968a840[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

easy_Malicious_06a1f13801afb4f7e27289aaf15656113a83b7c637a06288e40a0cc15968a840.exe
Size

76KB
MD5

562003f0c3acddac9d7eb6fe2e7a15f9
SHA1

2f20d56bcdc6c90c840b667406a2cedeb44b9ec5
SHA256

2b7ceb189d83d7fabe7e9b8822411b307d6fed01f4cac7e6d01906d43dbad173
SHA512

da097917c6c5482d9e3d4eaa1ffbf86d38541ed47755230a1bdbead944d73067976136fb731e82b26543daa542211b5b65b015be1599daf110ef8057fc68a453
SSDEEP

1536:rUwGzLxCjQcLDGUOpt3Oq3TPxAenxtsa71VAprgtytS82hW8fPLS:rgeI7x7rtwp0tytS8vYLS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
easy_Malicious_06a1f13801afb4f7e27289aaf15656113a83b7c637a06288e40a0cc15968a840.exe

Files

easy_Malicious_06a1f13801afb4f7e27289aaf15656113a83b7c637a06288e40a0cc15968a840.exe
.exe windows x86

11a69603fb165ce51fce24dd8508d49a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualLock
SetStdHandle
EnumResourceLanguagesA
MulDiv
GlobalUnlock
GetThreadLocale
GetConsoleAliasExesW
GetConsoleCursorInfo
SetTapeParameters
GetDriveTypeW
FreeVirtualBuffer
FindFirstChangeNotificationA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE