b79e1b9445d9f732fdaaf9048b7c0769 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b79e1b9445d9f732fdaaf9048b7c0769
Size

58KB
MD5

b79e1b9445d9f732fdaaf9048b7c0769
SHA1

4c90c857ce0d3fd6a4eeb340c75eb3f1dfbaff4f
SHA256

73c763a5c9a50d3650c7a594d6f6d9bcf14c34efd78212b0f04e6ce0560ac20f
SHA512

001d1008aa44c47bf39ea1dbec0f1e2a1a9f7d401d55178a29ed1785bb4976787ab2d6fdedee5370b90d81517455a51f2fd2f003e7a6d6ffce523e8272122398
SSDEEP

1536:2Fg/ZOebP6XjGpDUIkigsDsC6HCIO3WjIfemPH6gXX6:ugZPSipHCHf4Ha

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b79e1b9445d9f732fdaaf9048b7c0769

Files

b79e1b9445d9f732fdaaf9048b7c0769
.exe windows:4 windows x86 arch:x86

aa77d18b40072a7e1dc36630aafffd27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualProtect

Sections

.XPack0
Size: - Virtual size: 728KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.XPack
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE