6b3b01c226a447ebc5bb3d6c676ae97b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b3b01c226a447ebc5bb3d6c676ae97b
Size

819KB
MD5

6b3b01c226a447ebc5bb3d6c676ae97b
SHA1

c6c3cde16bca91cf04251d55ce9f4529fa1a01cc
SHA256

49da2ad97a756738497da394db4df8369c544e6d8572e04196e8a0dc8df1c847
SHA512

59ed25d378af0bdb32ffd94a0c0625a235c56366cceed6e9f11b94d9cf9e28148d501a4dfae4e3502b5c13dedc92b1c28458035bf871426275db6dac5ae52b06
SSDEEP

24576:Ds15RkHJgKKEYbSDcwYLXPbVs2dG5kGe/eIB3M+SP:cHkHJtRakcp/b1GkeIB3M+SP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b3b01c226a447ebc5bb3d6c676ae97b

Files

6b3b01c226a447ebc5bb3d6c676ae97b
.exe windows:4 windows x86 arch:x86

fdbfec85672f73d2a4d49635454936d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
ExitProcess

user32

MessageBoxA

Sections

.text
Size: 744KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.perplex
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE