b67936ea47dddca9c2029ef6b864d2ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b67936ea47dddca9c2029ef6b864d2ca
Size

63KB
MD5

b67936ea47dddca9c2029ef6b864d2ca
SHA1

0b8816a93d568eef88c8fc9ca0c5210240224d72
SHA256

3cac4d1f95f8fcf1ef7a086092d4c2dfc40075654c9bb395838a28df1dae8c5a
SHA512

a9807edef224776d6d76e15cf7e5ac0eadd39fb8ea3678131a82e9b185eb69dc5cc35d4a764ea84780db661d79e1d467cd0736d0e6f5ca1611d1ef138f1b044c
SSDEEP

1536:qvKwJ6EJ5a4C2yDW/26dz7lxSCHWuc/2P+Qo:byBG/826ReC7Bo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b67936ea47dddca9c2029ef6b864d2ca

Files

b67936ea47dddca9c2029ef6b864d2ca
.exe windows:4 windows x86 arch:x86

97524001633207f6500ae174b444f754

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Heap32First
FindNextFileW
FillConsoleOutputCharacterW
ExpungeConsoleCommandHistoryA
SizeofResource
MulDiv
SetNamedPipeHandleState
FindActCtxSectionGuid
SetLocalPrimaryComputerNameA
GetNumberOfConsoleFonts

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE