6b73bfbcf7117a5cc2f3784a883845f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b73bfbcf7117a5cc2f3784a883845f7
Size

8KB
MD5

6b73bfbcf7117a5cc2f3784a883845f7
SHA1

c74b2a45bcd9c0f0b58758da9e3462cff5b23452
SHA256

e4d481723d547894adc00ac7ab44c18ce571d602a578b35731b63312961eaac5
SHA512

32209f5917c9bc079293376918ad963bedfbf607ed4899b4e39a389e5c14ae527a10f3c939e00f39b9d0dd16c980903292ad36a83b4874443547c44557da1a9d
SSDEEP

96:W5nYnnVBwi2hfsZdSlC1Tp+XDSGJzIVANNLDJ7pRKRREWCGgWwAeigk1:GUkqxp+XBJzIVsN9pWCGgWf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b73bfbcf7117a5cc2f3784a883845f7

Files

6b73bfbcf7117a5cc2f3784a883845f7
.exe windows:6 windows x86 arch:x86

b19919e944c8d5653841bb3ae375f86b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RegisterApplicationRestart
GetModuleHandleW
GetCommandLineW
GetStartupInfoW
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange

msvcrt

_controlfp
_except_handler4_common
?terminate@@YAXXZ
__set_app_type
__p__fmode
__p__commode
__setusermatherr
_amsg_exit
_initterm
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs

msctfmonitor

DoMsCtfMonitor

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 805B - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE