bd4e8e4c762c505842d30e15783d56e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd4e8e4c762c505842d30e15783d56e8
Size

360KB
MD5

bd4e8e4c762c505842d30e15783d56e8
SHA1

940b01ee74613ab11dcb434f5f26322fe1e1dca3
SHA256

691dca1f313599fb3524d7b9c90212533b20e81e48b946453be0c648bd30f7bd
SHA512

59891ef8e5228e9841c305555d30ede95f6aadc1677cd51272ea82a81a154148c5372283aaac0402a0db1b324f8f6822b2545ab20d37da85fa6e83b5e40428e9
SSDEEP

6144:3c+8cua5mRdpgC/lmnLsRPcan74ncBK85AK7GGTLkjSy5+RC9Q/tP8n/yEbGXXe4:sDe5qRmKcaknmAKHTLU75sCm/dxWoXe4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd4e8e4c762c505842d30e15783d56e8

Files

bd4e8e4c762c505842d30e15783d56e8
.exe windows:4 windows x86 arch:x86

dae2264e721d7c66f7fa35e864d11aba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
LoadLibraryA

Sections

.Kaos2
Size: - Virtual size: 784KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Kaos12
Size: 356KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ