Static task
static1
Behavioral task
behavioral1
Sample
7f8f660d6f50593c56a570d01d22c8dd.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7f8f660d6f50593c56a570d01d22c8dd.dll
Resource
win10v2004-20231222-en
General
-
Target
7f8f660d6f50593c56a570d01d22c8dd
-
Size
238KB
-
MD5
7f8f660d6f50593c56a570d01d22c8dd
-
SHA1
79d3b739885696368d0a7d7a5d588c9ee75ae590
-
SHA256
d489c0a1674f8d58444845c1018039a251da3a63c55b529bb792525390b1059d
-
SHA512
fee636a98344558ee5c9d4f015460a45e43e756caba0afe6b516a2f648502e6c17c4f6256d2bade5194e18e0f860ee3cdb8bcfe8bfc8c8a0cacb78e76d5fc05c
-
SSDEEP
6144:d2GIALvQUCtfLTU+3uQNHWc2Ojbl/UH0:wGIAL1wX53drl8H
Malware Config
Signatures
-
Unsigned PE 1 IoCs
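Checks for a missing Authenticode signature; this sample has none. An unsigned PE is a weak indicator on its own, since many legitimate DLLs are also unsigned.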
resource 7f8f660d6f50593c56a570d01d22c8dd
Files
-
7f8f660d6f50593c56a570d01d22c8dd.dll windows:4 windows x86 arch:x86
6c2329596ba63d0edbe5b2c6696d8149
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
IsBadHugeReadPtr
LoadLibraryA
IsBadReadPtr
VirtualAllocEx
GetProcAddress
GetCommandLineW
lstrlenW
GetACP
ExitProcess
GetCommandLineA
ExitThread
GetModuleHandleA
GetModuleHandleW
Sections
CODE Size: 223KB - Virtual size: 222KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 125KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gdata Size: 1024B - Virtual size: 733B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 752B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ