85b1a980eb8ced59f87cb5dd7702e15d6ca38441c4848698d140ffd37d2b55e6[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

85b1a980eb8ced59f87cb5dd7702e15d6ca38441c4848698d140ffd37d2b55e6.exe
Size

167KB
MD5

f477f5fbc95bbde03a24cf42f6751afa
SHA1

ae5a1b7a21fecf571d037baf85069d5b58b107ba
SHA256

85b1a980eb8ced59f87cb5dd7702e15d6ca38441c4848698d140ffd37d2b55e6
SHA512

a53e25979a723914e348c1efe09f28467af54fb17aa1763bfb0fed61eb3d3726e89dc7e7a5e80da75172a10527598d3c3c823f35b2ed5dc721f24e2bd964477b
SSDEEP

3072:M3sTSNgdIE4jneWJjxzRTLwlCTYhoDWmdUD2LH0kQhHMzJ+2ZedIcgQ7exgwt:M/e46AvTkmioH0kSwOb2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85b1a980eb8ced59f87cb5dd7702e15d6ca38441c4848698d140ffd37d2b55e6.exe

Files

85b1a980eb8ced59f87cb5dd7702e15d6ca38441c4848698d140ffd37d2b55e6.exe
.dll windows:6 windows x64 arch:x64

18ecba85a4db5cb9282cb4f36e09b31d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
LocalFree
CloseHandle

advapi32

RegCloseKey

Exports

Exports

Hdooie
_invalid_parameter_noinfo_noreturn
abort

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ