6a64e0b4db9a4db60aae95c385a1894b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a64e0b4db9a4db60aae95c385a1894b
Size

488KB
MD5

6a64e0b4db9a4db60aae95c385a1894b
SHA1

04b4f7e13b320cb91ac7f59fc319b557775f3499
SHA256

da9e7170e8a1155dcff0c4aa30913961d2bff34089ca31be02b09002a439ac00
SHA512

c2d029dcdda96683cd20af272e95bdfd3c1b43c5bddbf4c3e10d73cfd7668e97e8277837c8f6906c653faf178f9f7b195bf3bfd0beec155627c8472b2bfd1f7a
SSDEEP

6144:NECLvYMxsIfu1nEd3dSWs7+xGzpABgEFZzkvVlmbjayFvSX1t388UOC7S:NEGYH1iEykOBgJvu+e61t1UP7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a64e0b4db9a4db60aae95c385a1894b

Files

6a64e0b4db9a4db60aae95c385a1894b
.exe windows:4 windows x86 arch:x86

59c60efe8909b5003d6f18b1fc4a7467

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CredEnumerateW
UnregisterTraceGuids

kernel32

GetCurrentProcessId
CheckNameLegalDOS8Dot3A
GetCurrentThreadId

user32

GetMessageExtraInfo

Sections

.text
Size: 481KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 246B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE