06faf82b46f183a3069b5b7792b5f4eee85754e4d4120ef850b836ac177ab1dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06faf82b46f183a3069b5b7792b5f4eee85754e4d4120ef850b836ac177ab1dc
Size

2.2MB
MD5

ff237e743acb31efc0c128b880a970e4
SHA1

c26e16c2eeb079c3b8c302fff2bfa3912fba8e10
SHA256

06faf82b46f183a3069b5b7792b5f4eee85754e4d4120ef850b836ac177ab1dc
SHA512

f7fa32cbbbcb2fb3b57c423f8e96dc3e9ebfbfc2b50bfd56cceeac6af932b9b187525e3468f9517b105f59183a92409648762e209c9ee82cbabfa5e54afbf19e
SSDEEP

49152:B+hWIpQRATF4833Nmsr4A/KYd9uZu58gN7qLBxJKC:whSRATFHdmhmKYd9hsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06faf82b46f183a3069b5b7792b5f4eee85754e4d4120ef850b836ac177ab1dc

Files

06faf82b46f183a3069b5b7792b5f4eee85754e4d4120ef850b836ac177ab1dc
.exe windows:6 windows x64 arch:x64

0591593f23eee6610c8c28d411670ba6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

ScrollDC

advapi32

RegQueryValueA

shell32

PathMakeUniqueName

kernel32

GetModuleHandleA

Sections

.pexe
Size: - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: - Virtual size: 311KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE