b81c944c5e96b7546fcc72a7ca07d706 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b81c944c5e96b7546fcc72a7ca07d706
Size

1.1MB
MD5

b81c944c5e96b7546fcc72a7ca07d706
SHA1

941828eae67d7ba491bba7528f3cd28f27bda764
SHA256

cfea53f8c4b30458587efb5e5508e5ca9d8fdef6b0599338a24563a1e5822a32
SHA512

d6dfc2f39b79cff59bc745476e372d0834294393921950e67f597a7a9ba7fc0efc99d28444880803658ec9b56c0dc89fa08d474d138ad1df49a4506fc7565d43
SSDEEP

24576:vaOGkrfHonhIRi2FL4MemPJO0v+VlPLXtn:ukrAnhuL4dmRIl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b81c944c5e96b7546fcc72a7ca07d706

Files

b81c944c5e96b7546fcc72a7ca07d706
.exe windows:8 windows x86 arch:x86

f2e69f7f9124d52b3e488471f1abe994

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

UnmapViewOfFile
MapViewOfFile
ExitProcess
VirtualAlloc
GetCurrentProcess
CloseHandle
VirtualFree
VirtualQuery
CreateFileMappingA

Sections

.text
Size: 789KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 307KB - Virtual size: 307KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ