15dab0479b76e702fecf02a501837078 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15dab0479b76e702fecf02a501837078
Size

6KB
MD5

15dab0479b76e702fecf02a501837078
SHA1

d9e8304abd083333800dee719ea5d9632bb9686e
SHA256

6c20a47de2abf34ea6d3f892024a6f9371d01de0669bd859224b5e8b03164c5e
SHA512

63ccb03b652a752c3eef7db43e7b32e0d81162a4d2d8ea3f949e92b97f802dafc49e319d3200a30ab8d3a2d404c364044b008b61fb4fff0b1da07e8903331ada
SSDEEP

192:XbjAAl+D0F8m8qyYRB1GEMl4Epm9JvccnKQZM9yLN:X3AAl60F8bqyYFG/l4Hv9nzN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15dab0479b76e702fecf02a501837078

Files

15dab0479b76e702fecf02a501837078
.exe windows:4 windows x86 arch:x86

7c28cc9a4ac94c8babf92559200380d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

gdi32

GetDIBits

user32

GetDC

Sections

.MEW
Size: - Virtual size: 5.0MB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MEW
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE