Static task: static1
Behavioral task: behavioral1
Sample: d466c9d367a456a5f0a9986f4b726b67.exe
Resource: win7-20240220-en
General
Target: d466c9d367a456a5f0a9986f4b726b67
Size: 98KB
MD5: d466c9d367a456a5f0a9986f4b726b67
SHA1: 6ba3115e8c77ffdd0569caedc0bc2825b692a6e6
SHA256: c88cd458e89e8b706f702c342b44821768a3f4d92e13d1058950ee1a4ed34d33
SHA512: f8c6fd968cd9e4ee7033f50cc2bef746916422835dcb87274b34e3abcb1e66ed640a4652e95c6da1b819bc93bca6558b14bff2e91051a00720d6f79332084876
SSDEEP: 3072:uWjLxfTAy9ElaXkmUriBytVaID464WWI62m:Z3ZJ0mUriBkaID47WM2m
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d466c9d367a456a5f0a9986f4b726b67
Files
d466c9d367a456a5f0a9986f4b726b67.exe windows:4 windows x86 arch:x86
9baaad6c7eab40b2177c3bf6047ffd68
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
ConnectNamedPipe
CreateEventA
CreateFileA
CreateNamedPipeA
CreateThread
DisconnectNamedPipe
ExitThread
FlushFileBuffers
GetCurrentProcessId
GetCurrentThread
GetExitCodeThread
GetModuleHandleA
ReadFile
SetEvent
SetUnhandledExceptionFilter
Sleep
TerminateThread
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject
WriteFile
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 692B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 64KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE