a06eb90a3007cf11a67dbca9a2c49f71 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a06eb90a3007cf11a67dbca9a2c49f71
Size

55KB
MD5

a06eb90a3007cf11a67dbca9a2c49f71
SHA1

153dac4ec76c9f42b59ee291a6ea4b0cea58e0e5
SHA256

78f8f8f4cc3ab8a994eeb83bb21ecddf85b9ee1f5d5f5b8c1e9bd19292fc5a41
SHA512

db16a5ec3308eb3ecd0f8a3b656f45530958f74438b11ef4ed04c478067e3e487865c9dbe5d5889e3161ccd7951322b51081237aa8b05ba5f6451b7e15f4a92b
SSDEEP

1536:e5QRrKhQ1gquaG803+6OKf+yF5ZeMD8QXwi3VeKtPvtD:e5QRUQ1gql0O6OKmzMD8Qt3Vn9vtD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a06eb90a3007cf11a67dbca9a2c49f71

Files

a06eb90a3007cf11a67dbca9a2c49f71
.exe windows:4 windows x86 arch:x86

d6ef982648a1996efed0ab816dfdb6a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
GetProcAddress
GetCommandLineA
GetConsoleMode
GetModuleHandleA
InvalidateConsoleDIBits
VirtualProtect
VirtualQuery
VirtualAlloc
WriteProcessMemory
VirtualFree

iphlpapi

GetAdaptersInfo

ws2_32

select

advapi32

RegSetValueExA

ole32

CoCreateInstance

oleaut32

SysStringLen

Sections

.code
Size: - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE