06cb269b6ccf02ea7ad25128acd25261f9cd42f064481bdd51de02c1fa4075ab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06cb269b6ccf02ea7ad25128acd25261f9cd42f064481bdd51de02c1fa4075ab
Size

6KB
MD5

8f197aabfa185dc2069043c10c50d253
SHA1

a1f20634e68f3f4545f5abb2634e3013bc720135
SHA256

06cb269b6ccf02ea7ad25128acd25261f9cd42f064481bdd51de02c1fa4075ab
SHA512

dd3b101f4c6dfd944e7227937b67efa0c4902369c7e700220f5e9953e6f8437e983b011d40295eedab019222bbb7f0cb7cfb3f4617f29cfe54ad513f69e435cc
SSDEEP

48:Slbt0S4FVgCp471Ib4Fc/38+N7DYocHa23WlTpebVetFygFI5a2oxdVoZiG/9uAO:A0mIGnFc/38+N4ZHJWSY9FI5Wqpx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06cb269b6ccf02ea7ad25128acd25261f9cd42f064481bdd51de02c1fa4075ab

Files

06cb269b6ccf02ea7ad25128acd25261f9cd42f064481bdd51de02c1fa4075ab
.exe windows:5 windows x64 arch:x64

7c5f9b19847a4e36080308f0e2c5add5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
VirtualFree
GetProcessHeap
CreateFileMappingW
MapViewOfFile
OpenProcess
UnmapViewOfFile
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ