6bde1616a1416f9919692e8bfb9d9e65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6bde1616a1416f9919692e8bfb9d9e65
Size

4.7MB
MD5

6bde1616a1416f9919692e8bfb9d9e65
SHA1

1cb7bb95eb8d12dca503241c63cfa3d41d6363f2
SHA256

34d65b8bd79839d331a9ecf4048c24ca1654a70e45e4f178b8253bd8e6f734bd
SHA512

6bbbac6a7caa776766358586e9eec61662dcf3e5d51893e2da82b8c7804faa0023a7ef87ca8fac4c3cc5542b88e70f4a741ffe45d08ed46f849be2f8d17b70d6
SSDEEP

98304:XerKza2oQnxAsatFwfmkzgS0tYQ8OAEfpNHhHeRRsq6L:vJSHFwuntt/JzHiRsN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6bde1616a1416f9919692e8bfb9d9e65

Files

6bde1616a1416f9919692e8bfb9d9e65
.exe windows:4 windows x86 arch:x86

20568fc01f7a6a608452834f60ca9b01

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenJobObjectA
EnumTimeFormatsA
GetComputerNameA
SetEndOfFile
WriteProcessMemory
GetNamedPipeHandleStateA
GetLogicalDriveStringsA
GetCurrentDirectoryA
VirtualAlloc
GetCommModemStatus
GetSystemDefaultLangID
GlobalDeleteAtom
HeapCompact
UnregisterWait
GlobalFindAtomA
PeekConsoleInputA
LoadLibraryA
WriteConsoleInputA
Module32Next
UnlockFile
SetConsoleIcon
ReleaseMutex
AddAtomW

d3d9

Direct3DCreate9

advapi32

CredDeleteA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 499KB - Virtual size: 839KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 363KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 402KB - Virtual size: 402KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ