6648109e4b4a77184427cdb9321545fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6648109e4b4a77184427cdb9321545fe
Size

416KB
MD5

6648109e4b4a77184427cdb9321545fe
SHA1

3e49c17f07dbc11b8939a7c3fe05955ca65623e5
SHA256

98c3d5188de0826d85a722dc0c40597bbad677ee9f16b29d82a38ae9e8080d83
SHA512

cece36b2f36465b5995f6428922dc2808e60731a9905884cf06a6b650a3ec8608428865d81721b79a6024ea4a8703383e326d95c1c8f701f26491fcf0b839798
SSDEEP

1536:h4VJBHKEDHoGuOZO1HprlH34qGmHkKcuOwX2Ebxtcd46VaVOd:EJBb7uDrl3f5L8pEbDcd/U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6648109e4b4a77184427cdb9321545fe

Files

6648109e4b4a77184427cdb9321545fe
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: 324KB - Virtual size: 324KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE