b79530a6384a360d4a9e48f4ef22a2eb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b79530a6384a360d4a9e48f4ef22a2eb
Size

108KB
MD5

b79530a6384a360d4a9e48f4ef22a2eb
SHA1

7a1ce823c9037ae82b3f10ad327ba67fc9010e46
SHA256

983ba75dab026d442e979d4ee4e4ec9a987bd7c42c4bd5143780aa2c52ce3563
SHA512

d8c40598a4f5d092dba174e4c369639fbd0f67eaaf7b0e53a13b7ff1ef1ee324a2ca6c08b7b063cfdc3fe8334d188fe891b7ee4648d501e90968ecd69d55ebc1
SSDEEP

1536:7wCeSFY/8hVwUk97qy265jrqKnrxEXpAu7WAOr8KfHkTvxzXO7q2ZUEMt7wefrO9:NekhHkTNj5iXYAOrnf+NGq4MtseDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b79530a6384a360d4a9e48f4ef22a2eb

Files

b79530a6384a360d4a9e48f4ef22a2eb
.exe windows:4 windows x86 arch:x86

09d0478591d4f788cb3e5ea416c25237

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

Sections

CODE
Size: 103KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE