613dda690cc2ccaedd7660416478b064 | Triage

Sharing

General

Target

613dda690cc2ccaedd7660416478b064
Size

5.1MB
MD5

613dda690cc2ccaedd7660416478b064
SHA1

79e8b6e18c3ee35cc2909843c17a93c6ed3b0a94
SHA256

e9973498e9c6b86776c6bc4bd379b531e3390a43520421652173d0b5bcf0f730
SHA512

5b5a0c0e85cf7746df0d296ffe9bbe0e4c34be36a3e21d22e0ff32f4d1ae0f171c3ca16a8a5c7d92acdc56698df76220e74d35d151a18aa8b9549e1d7ed29b4f
SSDEEP

98304:isZd4DGVev+VxBEol6uHbrxXvOpdxyK5XL8jCp:7DM+VxO7unYpTf5XLX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

613dda690cc2ccaedd7660416478b064

Files

613dda690cc2ccaedd7660416478b064
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

nvannvkq
Size: 3.8MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

wqbsilvf
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE