a4eb0bba8b824e6725f5596a079e35ce7f24ce559f85c9d1f5b1dba414c06667 | Triage

Sharing

General

Target

a4eb0bba8b824e6725f5596a079e35ce7f24ce559f85c9d1f5b1dba414c06667
Size

5KB
MD5

6b9428f3c491b7be87638a90db79ce1a
SHA1

ebb4eb0c4f3d73cf306546224f63dc6ce3f6aa67
SHA256

a4eb0bba8b824e6725f5596a079e35ce7f24ce559f85c9d1f5b1dba414c06667
SHA512

60a1266227965171c12c5b693a7a0cf363c0d440d00eddcad31ccab238cfa00e6233df2fb1706a093c07e8057438bdfd7a966278933133b1c7ae5077a88ca57c
SSDEEP

48:SEqlXWFPpT+dXVfzZh4yMGcKzMEkTaak4PAZivO2pB42pBdvMZL2R7tIRuqSxp:lmWLkFfNnOKYloIQ2pm2pbYS0xE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4eb0bba8b824e6725f5596a079e35ce7f24ce559f85c9d1f5b1dba414c06667

Files

a4eb0bba8b824e6725f5596a079e35ce7f24ce559f85c9d1f5b1dba414c06667
.exe windows:5 windows x86 arch:x86

7c5f9b19847a4e36080308f0e2c5add5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetModuleHandleA
GetProcAddress
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
CloseHandle
VirtualFree
GetProcessHeap
CreateFileMappingW
MapViewOfFile
OpenProcess
UnmapViewOfFile
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 538B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 174B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ