6faad7dee190f23d979c10bde30aa9e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6faad7dee190f23d979c10bde30aa9e7
Size

28KB
MD5

6faad7dee190f23d979c10bde30aa9e7
SHA1

dd4693bfd473986ffebaeaa059255bffd091a747
SHA256

b0863de84bbbdc3afde4ab39fbe9e2fcab1c6fb8a3bd066d547e1306c73fd892
SHA512

357f74372b0c1890d12b1af31f0359186d9ebba437862813b4fae4c06fbf5acee82a6257c7a11bd0b6bb8a9a1300d9253c9b557a34ba6178dfe33f4155eeafbf
SSDEEP

384:AWuByJEiLNVqmLQT0mnY1nyG3hQZVtDhJyiUdJrls+jTZeFyv/wSEcMV9DACENC5:+wJ9NEmi6yGyyiU3l/kgB/E9D/b5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6faad7dee190f23d979c10bde30aa9e7

Files

6faad7dee190f23d979c10bde30aa9e7
.exe windows:4 windows x86 arch:x86

dd4b6e82779827476158430052ab9dae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

wsprintfA

advapi32

RegSetValueExA

shell32

ShellExecuteA

ole32

OleInitialize

oleaut32

SysFreeString

Sections

.text
Size: 23KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE