0d6783dc60af5f9fc8babea329cd30a7c16e93c5557408603836aeef415dd90b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d6783dc60af5f9fc8babea329cd30a7c16e93c5557408603836aeef415dd90b
Size

5KB
MD5

b14558221a61c6074c77954e5c099c56
SHA1

cfeb05cd98e83932e4b65de32cf39330ad728b17
SHA256

0d6783dc60af5f9fc8babea329cd30a7c16e93c5557408603836aeef415dd90b
SHA512

f59547bda2633a369af6bfaa264fc9a2c5e3b40ccaa66ab1d7b491eb3d3204bbc70b3bc432f1642935347000d22e285c10f3c5c07f18c39cfeebda6e916c4f50
SSDEEP

24:e31GSmLZs799AJaNxWfeRiPWOJtSgPPz4YIz2GGj9BxEhHBK7f7cdupCe9PnRuVO:CIs7QJGlRiOnr/A7yOjSu3hRuqS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d6783dc60af5f9fc8babea329cd30a7c16e93c5557408603836aeef415dd90b

Files

0d6783dc60af5f9fc8babea329cd30a7c16e93c5557408603836aeef415dd90b
.exe windows:6 windows x64 arch:x64

f04aee8aa80b763a618f1721682ff743

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

c:\users\itayh\documents\visual studio 2012\Projects\CrashIt_x64\x64\Release\CrashIt_x64.pdb

Imports

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

Sections

.text
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ