6b71b407e9958593a35d11bee56dc98b7fe899e3cba2f65e4f4c9a5ccd040b67 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b71b407e9958593a35d11bee56dc98b7fe899e3cba2f65e4f4c9a5ccd040b67
Size

652KB
MD5

ee74b61557293a10e7720b8456b5f870
SHA1

076179b12b5ac08774a8b82b45c10c794501c4ee
SHA256

6b71b407e9958593a35d11bee56dc98b7fe899e3cba2f65e4f4c9a5ccd040b67
SHA512

e73edbb80ac191f4b60cd9f3a6a2ba4e73aea7c13a51a7f1e6e20d0a061088637313b3f87e992ccf9762a12753163be47c41ef3ef0e631e4c222440d81419393
SSDEEP

12288:Qw1v+9wxtxUXcIB/ULxOSIJ5n8I1c/kQSiFlQNnsju4LG5rWQN2x:tvyG6sAU+J5nBiFlQ5sLGwma

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/KE_20200320_PI Confirmation.exe

Files

6b71b407e9958593a35d11bee56dc98b7fe899e3cba2f65e4f4c9a5ccd040b67
.zip
KE_20200320_PI Confirmation.exe
.exe windows:4 windows x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 628KB - Virtual size: 628KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ