6b3bdbb39738c1ecf9673a9efb1162ce | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b3bdbb39738c1ecf9673a9efb1162ce
Size

1.5MB
MD5

6b3bdbb39738c1ecf9673a9efb1162ce
SHA1

c1ff238b54c4096205282a7c106086f9e7482507
SHA256

14a0b5c3c329bb2890575553eb37c48f725e83d12b7cac1dec80d2aecf4579ad
SHA512

b94cdddd7e28e8a3bfdc2dab32983597e1b778322f3ae01f1c794cce8bda768ae94e9f32b7b6c2ffb079df97645e3227114017eaec79d89bc30a4961335ad826
SSDEEP

24576:hbgbrLR7M0f7mFRDz+JIfL9GcEGO17XkbbiRkWMnrHh:hEa0fMRDCCfXO14KRkWMrB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b3bdbb39738c1ecf9673a9efb1162ce

Files

6b3bdbb39738c1ecf9673a9efb1162ce
.exe windows:4 windows x86 arch:x86

d6e9e99700f03b686f19e63d16fa9604

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetModuleHandleW
GetSystemDefaultLangID
GetLastError
GetVersion
GetCurrentThread
GetCurrentThreadId
GetSystemDefaultLCID
GetUserDefaultLCID
GetModuleHandleA
GetCommandLineA
GetCurrentProcess
VirtualAlloc
FindResourceA
GetVersionExA
FindNextFileA
SetEndOfFile
UnhandledExceptionFilter
WriteFile
InitializeCriticalSection
GetTimeZoneInformation
EnterCriticalSection
SetFileAttributesA

Sections

.text
Size: 349KB - Virtual size: 349KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 726B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ