6cf9fdab5130c0d2f2ddfc8fc3aa45ade73801438703920a55a31aed3508944c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cf9fdab5130c0d2f2ddfc8fc3aa45ade73801438703920a55a31aed3508944c
Size

4.1MB
MD5

a72583a7c03f6a98483f98f2a854ba32
SHA1

0b39c0000b57e7d588b8d91bca6420c9eb63c250
SHA256

6cf9fdab5130c0d2f2ddfc8fc3aa45ade73801438703920a55a31aed3508944c
SHA512

3356385e4c5f4e90f6ccd235f83a835d92edcee0000494e6ca0e3a9c9c6c97eb525d54f200e3ed44c29fe70ed0f7a0e742b5207539ff1695aec633f9f3b236be
SSDEEP

98304:NXw2tuof2hPwDCpqWDofxHbVliSZNRXVwjeACipJ/:NXPt1qPOCpqiop7VRzRXVwjeAr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cf9fdab5130c0d2f2ddfc8fc3aa45ade73801438703920a55a31aed3508944c

Files

6cf9fdab5130c0d2f2ddfc8fc3aa45ade73801438703920a55a31aed3508944c
.exe windows:6 windows x64 arch:x64

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 2.2MB - Virtual size: 8.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wqeoytoq
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bmmhkzan
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE