b6fc78a652f0aee0591ba70c1e664e04 | Triage

Sharing

General

Target

b6fc78a652f0aee0591ba70c1e664e04
Size

192KB
MD5

b6fc78a652f0aee0591ba70c1e664e04
SHA1

432da33aea15177377c3ebed348276bd54fa3c04
SHA256

984e304cd12886ce3157e4828fef366390c30200f1655954c9796d0f1a075abf
SHA512

0040cf0056771bfe256f0cd2e3f0d7b8b53af26b744890d746edbfa3bc24d0f951ccdcb919256e563121fb7d6f094059e5886145c2f9e62693590cc93834365a
SSDEEP

3072:FgAzaW6CRTHpfC066Bbu10Tjwnp/HqUQXNC//JBOl6pCgp0DkaHtJtmgpc:aQaW3RTJfgmo0TjzrXNRlXgp8bt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6fc78a652f0aee0591ba70c1e664e04

Files

b6fc78a652f0aee0591ba70c1e664e04
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 186KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE