2024-04-27_fa7bd15b70e80cc8bcede16b73ecdc1d_hacktools_xiaoba | Triage

Sharing

General

Target

2024-04-27_fa7bd15b70e80cc8bcede16b73ecdc1d_hacktools_xiaoba
Size

3.2MB
MD5

fa7bd15b70e80cc8bcede16b73ecdc1d
SHA1

412e7620f6f5bb46858c07e35bd3de39231a34a8
SHA256

bfd6a256684d65b538b3ecb800e0519a099145cdf2134664b0a7e291efea9dd7
SHA512

609ea9a15ab0ce499e43d79f113c27a430d1225f14cd7fbfe361f943bcf39dead63cf4ab1367ef619f0f1c15f20849074b6eae0c0115d0d99609ced8425b0240
SSDEEP

49152:6zG1BqCBGJdodXAGRe5CFHRoHgmAZf1N4:DBIKRAGRe5K2UZE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-04-27_fa7bd15b70e80cc8bcede16b73ecdc1d_hacktools_xiaoba

Files

2024-04-27_fa7bd15b70e80cc8bcede16b73ecdc1d_hacktools_xiaoba
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 808KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ