b411e9f3af78c184ca4a349c09fcd5d0 | Triage

Sharing

General

Target

b411e9f3af78c184ca4a349c09fcd5d0
Size

5KB
MD5

b411e9f3af78c184ca4a349c09fcd5d0
SHA1

5151091fc553f7bf238c1f0db2ac582257a854b5
SHA256

a3cb50bf34e646c028af18bb16da97e2bc378b7df1786f1ba29d54f3eafd4d1b
SHA512

fc922cfa67882dba568b3d799114bd6a7e8f68799f1debf4f93735ef64b8ea36dea2aabf092db95551e22a85e3eaae1f2edfa3d1ffa87d57b4fa1bd0e5f44e3a
SSDEEP

96:7dYY5ki6Pg2AIL1xdc+w+Znz+oyWIKrg2ctc:7dYsbIg2V1xdc+d/yirhcC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b411e9f3af78c184ca4a349c09fcd5d0

Files

b411e9f3af78c184ca4a349c09fcd5d0
.exe windows:5 windows x86 arch:x86

0524f940a3ee01b97a2d800c39f6f701

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
HeapAlloc
HeapFree
GetProcessHeap
GetProcAddress
LoadLibraryA
GetModuleHandleA
lstrcatA
ExitProcess
CreateFileA
GetWindowsDirectoryA
WriteFile
Sleep
CreateProcessA
CloseHandle

Sections

.text
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE