b7bc48fc87bc2e5a5923f74f4b0b59f3f3326be9e7ba8d3408b2506365608385 | Triage

Sharing

General

Target

b7bc48fc87bc2e5a5923f74f4b0b59f3f3326be9e7ba8d3408b2506365608385
Size

5KB
MD5

95a1ee64e1637bc1f3e57e60a86360e5
SHA1

0131a56a7354e075aa32ce44686759e9deb43d70
SHA256

b7bc48fc87bc2e5a5923f74f4b0b59f3f3326be9e7ba8d3408b2506365608385
SHA512

418630cca36085707160e8af705fb22c116e8856ad1377a22a7d350a4cdb3adc90e371a892d0a00004c03c7084b62318f53a3b179709493f3f0be8c18a3b514a
SSDEEP

48:SflXWFPpT+dXVfzZh4yMGcKzMEkTaak4PAZivO2pB42pBdvMZL2R7tnRuqSxp:gWLkFfNnOKYloIQ2pm2pbYStxE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7bc48fc87bc2e5a5923f74f4b0b59f3f3326be9e7ba8d3408b2506365608385

Files

b7bc48fc87bc2e5a5923f74f4b0b59f3f3326be9e7ba8d3408b2506365608385
.exe windows:5 windows x86 arch:x86

7c5f9b19847a4e36080308f0e2c5add5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
VirtualFree
GetProcessHeap
CreateFileMappingW
MapViewOfFile
OpenProcess
UnmapViewOfFile
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ