c1b9c07f39c1dff910163e7816dc4a14feca09fdb82ed0e3aaf442825d481df6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c1b9c07f39c1dff910163e7816dc4a14feca09fdb82ed0e3aaf442825d481df6
Size

46KB
MD5

7ee4a580faef1628f4b617c57abcb33d
SHA1

ca5f88933ae318a4d85fa113b5c996daa5c54bd8
SHA256

c1b9c07f39c1dff910163e7816dc4a14feca09fdb82ed0e3aaf442825d481df6
SHA512

0fe9c8871e19efea4ec1875a1f927fffb36b1e150de0b7697f2612c168aaf05b2554c3f172c3633c978f5a0ac23aeb16afe735a752a14974cefbe3a4a5bf61cb
SSDEEP

768:FesBzFln3OBjEwyWOhwaB32UWbktRREs3s3rVZK6vcZ:FesBzFlyEwyjDB39WbktRRZcw6vcZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c1b9c07f39c1dff910163e7816dc4a14feca09fdb82ed0e3aaf442825d481df6

Files

c1b9c07f39c1dff910163e7816dc4a14feca09fdb82ed0e3aaf442825d481df6
.exe windows:6 windows x64

fea35fd8d03505b79ea5de414be53534

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

MessageBoxA

kernel32

RtlLookupFunctionEntry
TerminateProcess
FormatMessageA
LoadLibraryA
GetThreadLocale
GetCurrentProcess
RtlCaptureContext
IsProcessorFeaturePresent
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ