6e853ac16c10134cc87d7b7d2e6e8d79 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e853ac16c10134cc87d7b7d2e6e8d79
Size

172KB
MD5

6e853ac16c10134cc87d7b7d2e6e8d79
SHA1

5238cfa232ae577dee7b7a5f5ab173d45c89279e
SHA256

d481f7dceecbc2960b205a045e9ac8ada5ee67076443e324475a0fecc38fd330
SHA512

5b88fa1605452905e274344ebe089d199d7bdda7ee28770c8ba65e9e8e9d98692fd73848f8ef5eafc6d1b5152bb3d8642ef78a30e2c9a2766d6bc9245983130d
SSDEEP

3072:RIhKn4nQf3X0ovJoFfOesEgbnTm4I+LY1GkbChXNzg1cW9nJDKN3T0:RYKnPf3lQOeeI+LY1GaCzz1WtJe10

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e853ac16c10134cc87d7b7d2e6e8d79

Files

6e853ac16c10134cc87d7b7d2e6e8d79
.exe windows:4 windows x86 arch:x86

ac11178f510fc2d3394a38b825e9ff8f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BeginUpdateResourceA
IsBadHugeWritePtr
GetDiskFreeSpaceA
GlobalSize
SetProcessShutdownParameters
CreateFileA
GlobalFree
FillConsoleOutputCharacterW
BuildCommDCBAndTimeoutsW

user32

DefWindowProcA
DdeKeepStringHandle
InternalGetWindowText
GetQueueStatus
UnloadKeyboardLayout
ActivateKeyboardLayout
GetMenu
GetWindowRgn
GetPropA
SetMenu
DdeConnectList
SetMenuItemBitmaps
InsertMenuA
LoadIconW

gdi32

CreatePenIndirect
LineTo
DeleteDC
SetBoundsRect

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE