4c681f7880dda0290d8ea71fe43cb9b9999bc1094dd4ac01b8459d9446a89a5e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4c681f7880dda0290d8ea71fe43cb9b9999bc1094dd4ac01b8459d9446a89a5e
Size

36KB
MD5

6beb0d5f8f93acc8f3e011d6d8a62685
SHA1

81e09aca9e53afe453b6331657c4a8791e1f0910
SHA256

4c681f7880dda0290d8ea71fe43cb9b9999bc1094dd4ac01b8459d9446a89a5e
SHA512

42a8f3a0e37bf1d71de1c072f8de954a39d160969a5bc7cbe3e1c0e37a63dbaa0fee1c506f781057b2951acd709044c1d5da16745620794000a44c5ca36454e4
SSDEEP

384:FwgpZX30JWSRKuGpvw7wq6uBV08hVcqCtnQ8pkvwKwq6uaFClpdRXrSUG+ybdmoQ:F351008hVcqFbSUYtWH+CVwBHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4c681f7880dda0290d8ea71fe43cb9b9999bc1094dd4ac01b8459d9446a89a5e

Files

4c681f7880dda0290d8ea71fe43cb9b9999bc1094dd4ac01b8459d9446a89a5e
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Benutzer\Kevin\Desktop\Compiled\ElseSoft.HZBot.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ