Static task: static1
Behavioral task: behavioral1
  Sample: 14d2e4cfc0eeb2d5d3cc86a6a456eb98.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 14d2e4cfc0eeb2d5d3cc86a6a456eb98.exe
  Resource: win10v2004-20231215-en
General
Target: 14d2e4cfc0eeb2d5d3cc86a6a456eb98
Size: 6KB
MD5: 14d2e4cfc0eeb2d5d3cc86a6a456eb98
SHA1: e03af099e6b16e12feb5a776af4bc4075d207913
SHA256: 7de2ea9c63f82fa760373f09196a817f1aee9286bc5c75b18d4e5dfddaa038c2
SHA512: c265a8340e07e800f929add708db9794e221341b81284f48717209f8f7b69155dd6a50b66cecd6773fb5e3d642ad4bf7e9883c943066fa0a685e6149d3b2057a
SSDEEP: 96:JKNBkFRQlGxOukS3tcs/8OXL0xDHvf4As6wm3GEpxzONcWYZ4jUvS3hhGvHs8:smZ9csUtLDsWpZ8cv4IMfF8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14d2e4cfc0eeb2d5d3cc86a6a456eb98
Files
14d2e4cfc0eeb2d5d3cc86a6a456eb98.exe windows:4 windows x86 arch:x86
12ad1db1da310e74a1b4241cf1915ed3
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
  memset
  memcpy
  strlen
kernel32
  GetModuleHandleA
  HeapCreate
  HeapDestroy
  ExitProcess
  GetModuleFileNameA
  CreateProcessA
  GetThreadContext
  ReadProcessMemory
  VirtualAllocEx
  WriteProcessMemory
  SetThreadContext
  ResumeThread
  TerminateProcess
  CloseHandle
  HeapAlloc
  WriteFile
  HeapFree
  CreateFileA
  GetFileSize
  ReadFile
  HeapReAlloc
ntdll
  NtUnmapViewOfSection
Sections
.code Size: 1024B - Virtual size: 912B
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.text Size: 2KB - Virtual size: 2KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 812B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 700B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ