edeb8426778778ac23db4f12a4defd0af2e514dc808737c9d02ba3fbbc2b52bf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

edeb8426778778ac23db4f12a4defd0af2e514dc808737c9d02ba3fbbc2b52bf
Size

63KB
MD5

e19fd124bd15b618f99f8f51bdf54459
SHA1

914353c57c57ecd25dcfb8f7102aa4f4a9e15aa4
SHA256

edeb8426778778ac23db4f12a4defd0af2e514dc808737c9d02ba3fbbc2b52bf
SHA512

f5153b1bd076f93f9ee089e0ca942cee8c017572305afe9cd52dec838e6862be7e008f6e6390f064f0add1bcdac9ce139b9a92bfb18b67e8a76c41744cf659af
SSDEEP

1536:c4jR7zSgoy9wIvK/PL35M/L3v9N/nnB/CH7S2JKn2D:jtSgoqvK/PLJOfp/wbJaS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
edeb8426778778ac23db4f12a4defd0af2e514dc808737c9d02ba3fbbc2b52bf

Files

edeb8426778778ac23db4f12a4defd0af2e514dc808737c9d02ba3fbbc2b52bf
.exe windows:4 windows x86 arch:x86

0894794d0e7ce9015567e3ae10e5825d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedPushListSList
CreateThread
OpenState
SetNamedPipeAttribute
LocalReAlloc
IsEnclaveTypeSupported
WerpGetDebugger
GetDateFormatAWorker
BaseElevationPostProcessing
GetCPInfoExA
InterlockedPushListSList

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE