006c0fa78c6869152e4c9c52ed90ae75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

006c0fa78c6869152e4c9c52ed90ae75
Size

132KB
MD5

006c0fa78c6869152e4c9c52ed90ae75
SHA1

39930a307e2b5ffb81a43a473363592577cc3b83
SHA256

32bdfb2b4d9310bf75a1bc5913d7a519e894d6be1e6cd70a30c9c8f7fbeb3320
SHA512

163f6f74e7474e1be14903efd0b03a2d97fd00098c5fe4861ff5c61cd122b5decc846d7d56381ac3cb1840f5d8987b027413824fb17563c306dad87246531caa
SSDEEP

3072:/bjpwspGXywjtp9060+98a7ea7DWJftE5iZemfx0xwVWkTt:/JwsQBrSJ+h7edE5QfRVZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
006c0fa78c6869152e4c9c52ed90ae75

Files

006c0fa78c6869152e4c9c52ed90ae75
.exe windows:4 windows x86 arch:x86

3d6464a3768ebe241f9db538bc80c6dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlen
GetThreadLocale
CopyFileExA
GetEnvironmentStrings
GlobalFindAtomA
GetEnvironmentVariableA
BindIoCompletionCallback
OutputDebugStringA
SetConsoleActiveScreenBuffer
ResetEvent
lstrcmpA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 308B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ