b6c8a97cc6b9311046f9848d8c785dfc5c6c494abdc3eaf7d8a6bb3c81fa730a | Triage

Sharing

General

Target

b6c8a97cc6b9311046f9848d8c785dfc5c6c494abdc3eaf7d8a6bb3c81fa730a
Size

71KB
MD5

41fe779e38aeb74624b7f1dee6ca695b
SHA1

83104cecfc2b1c374e3040cfc92fc06c0c2e5705
SHA256

b6c8a97cc6b9311046f9848d8c785dfc5c6c494abdc3eaf7d8a6bb3c81fa730a
SHA512

8fb28ce0142e583b955c8bc886bd08d779838a0168b393e95de40eebd675fc5946ce9b41d9830c3ed2ebd60e7638018c4ac4bf139ffbad48ff21bba8f82bcec8
SSDEEP

1536:12Q90zSRC74BnOHDvn+D/hGJsX/E+4E6Ir/muJRVJuoTuzv+dpUE4xeQ:tQvnQ/+svE+36Ireuao3UJxZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6c8a97cc6b9311046f9848d8c785dfc5c6c494abdc3eaf7d8a6bb3c81fa730a

Files

b6c8a97cc6b9311046f9848d8c785dfc5c6c494abdc3eaf7d8a6bb3c81fa730a
.exe windows:4 windows x86 arch:x86

24cf141b14bcba4eb1cad02086d6a904

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPackagePathByFullName
MapViewOfFile
OpenWaitableTimerA
LocalFlags
InitializeSRWLock
SetUserGeoName
WerUnregisterRuntimeExceptionModule
CopyFile2
CallbackMayRunLong
GlobalAddAtomExW
PssWalkMarkerSeekToBeginning

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 56KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE