7b9a12b7d322a55b951420ddf2159f8f0d5a655fdbf83d61e4d4e6a16a635742 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7b9a12b7d322a55b951420ddf2159f8f0d5a655fdbf83d61e4d4e6a16a635742
Size

5KB
MD5

136e58d597de089d394dfbe104d1fa0c
SHA1

585351cf247c686206c384bb030a287159808b7c
SHA256

7b9a12b7d322a55b951420ddf2159f8f0d5a655fdbf83d61e4d4e6a16a635742
SHA512

b3218ed608bfb7e623d740f60076a154f21fe9f3be067a59247153bddb93f73ca982c4e88f7c7e061833856ef4eae72d0a2aa24a282cc4be5a2029bfb84bf4da
SSDEEP

48:SHlXWFPpT+dXVfzZh4yMGcKzMEkTaak4PAZivO2pB42pBdvMZL2R7t7RuqSxp:YWLkFfNnOKYloIQ2pm2pbYSJxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7b9a12b7d322a55b951420ddf2159f8f0d5a655fdbf83d61e4d4e6a16a635742

Files

7b9a12b7d322a55b951420ddf2159f8f0d5a655fdbf83d61e4d4e6a16a635742
.exe windows:5 windows x86 arch:x86

7c5f9b19847a4e36080308f0e2c5add5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
VirtualFree
GetProcessHeap
CreateFileMappingW
MapViewOfFile
OpenProcess
UnmapViewOfFile
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ