89ecd5c6181e19ba845a4aeb3ed90cf6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89ecd5c6181e19ba845a4aeb3ed90cf6
Size

101KB
MD5

89ecd5c6181e19ba845a4aeb3ed90cf6
SHA1

4810466ee52c4043fb54d8eac3ba5f0d28c8fb1b
SHA256

c61271a5b47acc8f7e9683e6a58d2b672c773c5b04042a337c82ed417d77b56d
SHA512

e6bb544b2f1ef8979783ba61a44ed449c36ece6d5887325226f2d827983172a37204622e63306a4d8262e3906fd6486283c19d791cf4562be43464526e3fc83a
SSDEEP

3072:F1/OZU+ihDZGJVOSnfNHzHLz+UJLLIXXsUJLLIXXN:zmdzZfNTH/VJiXJi9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89ecd5c6181e19ba845a4aeb3ed90cf6

Files

89ecd5c6181e19ba845a4aeb3ed90cf6
.exe windows:5 windows x86 arch:x86

dbd4c5b52dda40e93a7d4185d69c0e1e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Z:\tw1n\test\Release\tw1nCrypt.pdb

Imports

kernel32

LockResource
LoadResource
FindResourceA
VirtualAlloc
GetModuleHandleA
lstrcmpiA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 95KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ