6a88dc334a6a7ec25bbb345939e2bce9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a88dc334a6a7ec25bbb345939e2bce9
Size

128KB
MD5

6a88dc334a6a7ec25bbb345939e2bce9
SHA1

cb78aa2b098189864cb2b58c89a984fa4e58ef2a
SHA256

0f4a671b7c3f4d74d357907343a3356e30b69aa582f8890eee7afcbb53371c69
SHA512

a08ce29894b4df2e7445466fdad923295cc7d44f597f35e494f8deaaa9fc001daf01e0ea7a020f75e0bbe5c0e89e7ee264f7d3167f5aac767df368796648794f
SSDEEP

3072:xpin237SkFMUfh2IVDhK1g9ETbHFoax/CjhS18ZCJ:xpJFqUfIWha5Tbxx6jhS18ZC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a88dc334a6a7ec25bbb345939e2bce9

Files

6a88dc334a6a7ec25bbb345939e2bce9
.exe windows:4 windows x86 arch:x86

1c75073784981cee49d39c46ed7aafdb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetCommandLineA
GetProcAddress
VirtualAllocEx
GetModuleHandleW
GetOEMCP
LoadLibraryExA
lstrlenA
ExitProcess
GetModuleHandleA
IsBadReadPtr
GetACP
IsBadHugeReadPtr
GetCommandLineW

Sections

CODE
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ