b6e2dbc46eff4f7fe6c64951049154d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6e2dbc46eff4f7fe6c64951049154d9
Size

19KB
MD5

b6e2dbc46eff4f7fe6c64951049154d9
SHA1

e09735f5c1a7988ae23de9a7c9b36949ec81784e
SHA256

a3c8293f4e90749c034b25a3b798a71b0a9a95850763961b233f3e14a1621be7
SHA512

6e26ac32b1bee576c9663cdba5134098e194467819dc1d7a980a2453252fde3da07d4cc7e778cd0fcb3ee40353c4c462ba5a6a5d6fa9735dcb8376d60f4500a6
SSDEEP

192:YOQ5Xx6w8PgMBrp19/avqrhPUX3IRykSXLkouJxvGq68hZzxjJizme4:Yz9xyP1Brlj5UnIck4woSZzRJC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6e2dbc46eff4f7fe6c64951049154d9

Files

b6e2dbc46eff4f7fe6c64951049154d9
.exe windows:4 windows x86 arch:x86

940b433a517f1fc036e18abe39ca5da7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

mfc42

ord4376

msvcrt

_except_handler3

user32

RegisterWindowMessageA

advapi32

RegCloseKey

shell32

ShellExecuteA

Sections

pec1
Size: 10KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE