Static task: static1
Behavioral task: behavioral1
Sample: b56f078dca3f0bdbf04897e8d49cf614.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b56f078dca3f0bdbf04897e8d49cf614.exe
Resource: win10v2004-20240226-en
General
Target: b56f078dca3f0bdbf04897e8d49cf614
Size: 298KB
MD5: b56f078dca3f0bdbf04897e8d49cf614
SHA1: 046baaf4ccba290ff55a868554f494e546fbd150
SHA256: 16041f9088ad139ba151a8d22d5d2f4b2859e43812abcd813c1946bd1bd6f32a
SHA512: 9f58b7c033a77761fab52e76986304033b8e51ef58999309397e2b9e3098077e717f6b44fdebbafe260215748ebfcbd97104432eafa9bb96b9535c3891e9406c
SSDEEP: 6144:k/Yuo0znW3bHc0cmeIEOy1iN99l6txo9blU6YKEv/L88/tEN:KOkWzc/meILy0NLK+xvlEX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b56f078dca3f0bdbf04897e8d49cf614
Files
b56f078dca3f0bdbf04897e8d49cf614.exe windows:4 windows x86 arch:x86
cb3a4241eb8b7ff30a9f492c7e391a5b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentThread
SetLastError
HeapReAlloc
LoadLibraryA
Sleep
SetHandleCount
GetEnvironmentStrings
GetStdHandle
TerminateProcess
FreeEnvironmentStringsA
GetCommandLineW
GetVersion
GetUserDefaultLangID
GetCommandLineA
GetCurrentProcessId
GetTickCount
GetModuleHandleA
GetUserDefaultLCID
GetLastError
GetSystemDefaultLCID
GetCurrentProcess
HeapAlloc
GetProcessHeap
GetStartupInfoA
msvcrt
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
__dllonexit
_onexit
_exit
_strcmpi
Sections
.text Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 284KB - Virtual size: 284KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ