6fc4998438ffce729f91d9562aaf1a4f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fc4998438ffce729f91d9562aaf1a4f
Size

128KB
MD5

6fc4998438ffce729f91d9562aaf1a4f
SHA1

c28da39c0dcb4d786675fb3259d0e38b142b2738
SHA256

71f8bceaeac4ceb9945258fc4a4ddec32873bc279294f45e6c657ceb18944e9e
SHA512

cce2cf957da38c61ebc72a1a19f4e12190bfcaea455c783eb7f38a49742792436bfb40292cb4445d3e1c6b628b8b7a05e9c49f461a81982cad7591a45ca9ed04
SSDEEP

1536:XuRW70D8W62/mT8mpPOleC+wnDHlfwgsbUspIw9Ny88LUeZmOMTGXCiCJ:+RW7t2/g8m1SHhkIqn84eZvRSiCJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fc4998438ffce729f91d9562aaf1a4f

Files

6fc4998438ffce729f91d9562aaf1a4f
.exe windows:4 windows x86 arch:x86

3339231a785321abc771aa79e771ca13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ExitThread
GetModuleHandleW
lstrlenW
GetCommandLineA
GetModuleHandleA
IsBadReadPtr
GetLastError
GetCommandLineW
LoadLibraryExA
GetProcAddress
IsBadHugeReadPtr
VirtualAllocEx

Sections

CODE
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ