ffb8c8b8796114903c89176c5fc680fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ffb8c8b8796114903c89176c5fc680fc
Size

2KB
MD5

ffb8c8b8796114903c89176c5fc680fc
SHA1

0a50aad9d9cbebf0b4b5d9fbba666f253076c854
SHA256

e00eb67fbe9aec9dd7e14548a751a8efc425fc689735cb19b09fc80b329c7b09
SHA512

9222667a5ac906e9ae215453e8a95dc3b7e42a65021733cc9d68caf8ff0071fb449d2957eff4e6f1db6b150c9d84d81b60f96117372c4a3f7de95035d0091f98

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb8c8b8796114903c89176c5fc680fc

Files

ffb8c8b8796114903c89176c5fc680fc
.exe windows:5 windows x86 arch:x86

d5d5d0ed7b550b47f7df6ef353bda252

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
CreateProcessA

ntdll

memset

Sections

.text
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE