Static task: static1
Behavioral task: behavioral1
  Sample: D1FC6BBC02EED51AD977F5D93A12EBB6.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: D1FC6BBC02EED51AD977F5D93A12EBB6.exe
  Resource: win10v2004-20231215-en
General
Target: D1FC6BBC02EED51AD977F5D93A12EBB6.exe
Size: 10.0MB
MD5: d1fc6bbc02eed51ad977f5d93a12ebb6
SHA1: 1a1483635eeff8349a5a737be934b085a4a16ed9
SHA256: 8384e131a586480d33b995b709e56962d167be232d5eaed1fd5c9b1cc94c353b
SHA512: b8288d60df2a036dcf2c81b5032628e71ff5ad112c6d150b6ed922aef0a40a4df7b958a56928579dd206892f3f732dbb03e540e05c313a09c925df11ddb9589f
SSDEEP: 98304:BhgRY/tS9EFqB6d6EE8cSj6SdEXqznNZ+aYUx42N63pbpbCt4uk41PA9:uY/tm3oE8H2SdEazLSUm2Nqly2
Malware Config
Signatures
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource: D1FC6BBC02EED51AD977F5D93A12EBB6.exe
Files
D1FC6BBC02EED51AD977F5D93A12EBB6.exe.exe windows:6 windows x86 arch:x86
b5af53b96a03972def1a5f287c0c1d5c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
ole32
CoInitialize
user32
CharUpperBuffW
Sections
.text Size: - Virtual size: 45KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.QmV Size: - Virtual size: 2.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
..B- Size: 1024B - Virtual size: 912B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.B}R Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ