c11efb6d9bf03a6afa17708bd97b28a7fb68dc403cbb0736b4fee8ac633b2b51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c11efb6d9bf03a6afa17708bd97b28a7fb68dc403cbb0736b4fee8ac633b2b51
Size

6.1MB
MD5

e95abbe48408624e519764862ab7e45b
SHA1

086534be3e385e58540e543395fd359a286e901e
SHA256

c11efb6d9bf03a6afa17708bd97b28a7fb68dc403cbb0736b4fee8ac633b2b51
SHA512

8f55ca1d125d920e0ffdc96bf92fae3345c7a79fd6a1bc0a601ebf10bc7645ee4b9524d8d42d349454f06adbeb9808baafca0fe4b93fcdaf1aefa9692154090b
SSDEEP

98304:vnO7/nL4gLIYOBR35fUYRHXImyqEp0yfOM8V7A87AIbnamjF0DPtoy:vnaH/up5NdYQE6yB87VTamjctT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c11efb6d9bf03a6afa17708bd97b28a7fb68dc403cbb0736b4fee8ac633b2b51

Files

c11efb6d9bf03a6afa17708bd97b28a7fb68dc403cbb0736b4fee8ac633b2b51
.exe windows:5 windows x86 arch:x86

d0699abeaae9638fad6ac167eed33aa3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
GetVersionExA
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

CharUpperBuffW

Sections

.text
Size: - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.S`F
Size: - Virtual size: 53.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.NFV
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a:[
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ