11e499ba0ed164dc637a2aa9759aba6e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11e499ba0ed164dc637a2aa9759aba6e
Size

132KB
MD5

11e499ba0ed164dc637a2aa9759aba6e
SHA1

1ecb31e04c70e06b69f7b7d8be3c7895821534f4
SHA256

2605db16a74530e0696ab77a9469e1c3a7b3ac71cc36a5f1c9a63e507fbd5ef0
SHA512

5a71bde1da115c810bbf3d0b8f53a4770b1478da93fc1d6838774ac4c6f916071945e6309b7524b80ecbb085810ce137340653f6ce0353899c8bdb512f2f5c02
SSDEEP

3072:NH38zT8Af4guxnP5c6Q5FJTS8RMT4jt/Q0pcFAarsHH:NeT8ARuxnP5fG59MT4yxFhy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11e499ba0ed164dc637a2aa9759aba6e

Files

11e499ba0ed164dc637a2aa9759aba6e
.exe windows:4 windows x86 arch:x86

130f53429d1ccd1feabc512065e1dddf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFile
CreateTapePartition
_lopen
OutputDebugStringA
SetConsoleNumberOfCommandsA
GetPrivateProfileStringA
SetConsolePalette
MoveFileWithProgressA
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

icode
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

idata
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ