Static task
static1
Behavioral task
behavioral1
Sample
14bd5ce9e634b4aaddf6502f52736c56.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
14bd5ce9e634b4aaddf6502f52736c56.exe
Resource
win10v2004-20231215-en
General
Target
14bd5ce9e634b4aaddf6502f52736c56
Size
91KB
MD5
14bd5ce9e634b4aaddf6502f52736c56
SHA1
1cc8f048f52d23f0c506c39479b20c962a1a017c
SHA256
9467dc6884ed62fb0d8b1184af353545271378b8ba5a03b995637a153f8b6421
SHA512
d7604e3b04603cea0a5e394964a4a84b244646b70a8442190f81d12e27061e973a2a2c171857a938c838bbe968e1802277ffa35229a8ac47870d204ea64b4bf8
SSDEEP
1536:hiyTrxY+3kP29+S9+hCyCpyPdzHd8NQExvUj/G2tasBMicw3b60oVyBIHO:h5rxDV9+W+hCyCYdz2NQ4cOwL60+yBH
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14bd5ce9e634b4aaddf6502f52736c56
Files
14bd5ce9e634b4aaddf6502f52736c56.exe windows:4 windows x86 arch:x86
5409e54af3b73956535d8f7f81033eb8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
MapViewOfFile
CloseHandle
CreateFileMappingA
GetFileSize
CreateFileA
UnmapViewOfFile
lstrcatA
lstrcpyA
LocalAlloc
DeleteFileA
lstrlenA
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
IsBadReadPtr
SetFileTime
GetFileTime
GetCurrentThreadId
GetCurrentProcessId
ExitProcess
GetTempPathA
LocalFree
msvcrt
memset
memcpy
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 758B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 75KB - Virtual size: 74KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ