b506960d185a8b26e9a50fa6a44e1c8220e6d5fd8a52cd73ad04df8656f23a9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b506960d185a8b26e9a50fa6a44e1c8220e6d5fd8a52cd73ad04df8656f23a9c
Size

134KB
MD5

f2f8e8d3deb56a58271c3cb99caaa94d
SHA1

26ccb360229e0e606dd82c3f4206dc704786f0a8
SHA256

b506960d185a8b26e9a50fa6a44e1c8220e6d5fd8a52cd73ad04df8656f23a9c
SHA512

4a750794f772dd109e554a84b62e9cf4f1554513352425a0ec5b6fba122b63f41cfa06ebf20b233f501c06fd7ade6a60d5bc6ca54fcc4919a1d059265405f449
SSDEEP

3072:bUD9JxpzoSIP9tKXYPgqtA8+FnH07e9R23RnvU:bUD9JxpzozP6vq+80nU7zR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b506960d185a8b26e9a50fa6a44e1c8220e6d5fd8a52cd73ad04df8656f23a9c

Files

b506960d185a8b26e9a50fa6a44e1c8220e6d5fd8a52cd73ad04df8656f23a9c
.exe windows:4 windows x86

7356561522da79605eab86fd45677a06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeResource
CloseHandle
lstrlenA
WriteFile
CreateFileA
FindResourceA
GetProcAddress
LoadLibraryA
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
GetOEMCP
GetACP
GetCPInfo
ReadFile
MultiByteToWideChar
HeapFree
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
GetLastError
FlushFileBuffers
SetFilePointer
GetStdHandle
WideCharToMultiByte
GetModuleFileNameA
VirtualFree
VirtualAlloc
HeapReAlloc
SetStdHandle
GetStringTypeW

msvcrt

??1type_info@@UAE@XZ
??3@YAXPAX@Z
_onexit
__dllonexit
_CxxThrowException
__CxxFrameHandler
??2@YAPAXI@Z

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ