c6e2ed7e153e4edc970d5323bec2300b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6e2ed7e153e4edc970d5323bec2300b
Size

176KB
MD5

c6e2ed7e153e4edc970d5323bec2300b
SHA1

af690dd25d08bb98bccad5699f34ecc2c6f710e2
SHA256

35ec70d7cd5044b2f1e59329e5afca29977f9ecc9f5d25a31eb4c2d68f6fd2f1
SHA512

15dc1b67b37c725ce9543afeb1b77d3d9d265f603da5989052daac4cc3b13a7ed513b32da17435ec1425576da2497be5d86280d2ce44c8dd7f58156b682f9dbc
SSDEEP

3072:WEPN2MvqHlXZYmGLilnFYi9iJHE360bR7dZGlOc611bNY:WEl2MSlXlGLiln+i9w0bIlOrfbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6e2ed7e153e4edc970d5323bec2300b

Files

c6e2ed7e153e4edc970d5323bec2300b
.exe windows:4 windows x86 arch:x86

5563f65eb82c86d18cde94d444ba8005

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
GetTickCount
SystemTimeToFileTime
GetLocalTime
CreateFileA
lstrlenA
DeleteFileA
lstrcatA
ExitProcess
CreateProcessA
WriteFile
CloseHandle
GetTempFileNameA
GetTempPathA
lstrcpyA
GetShortPathNameA
GetModuleFileNameA
MoveFileExA
MoveFileA
GetModuleHandleA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
CreateDirectoryA
lstrcpynA

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyA

shell32

SHGetSpecialFolderPathA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 888B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE