b7a00ad06ccceff1cf5fe5c7fed8e0d43b456662721ec668f91681196a1cb3ba | Triage

Sharing

General

Target

b7a00ad06ccceff1cf5fe5c7fed8e0d43b456662721ec668f91681196a1cb3ba
Size

536KB
MD5

4d9add7f38d2bfcfbc3d4bcf3f44e47d
SHA1

c9198de89705f6983a50c445ed1866a24cc9c846
SHA256

b7a00ad06ccceff1cf5fe5c7fed8e0d43b456662721ec668f91681196a1cb3ba
SHA512

06e86fdfd21bfc8b91f1489bda9e17e27e5bc6855a4f91753353d4d8fbcb645ccef8b70e92eb2e5ed7edad55e87fe75e7a597310e464354313d01a8a6a068d32
SSDEEP

6144:K3puL8eujbUcqbRI30RYAimlQY1KdZwzlW+2M0WybVGH/Itkug/i03s/nZYIVQV2:R8eSbcRYAplQYU3YlWOdT/pbqUVxg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

b7a00ad06ccceff1cf5fe5c7fed8e0d43b456662721ec668f91681196a1cb3ba

Files

b7a00ad06ccceff1cf5fe5c7fed8e0d43b456662721ec668f91681196a1cb3ba
.exe windows:4 windows x86 arch:x86

1697cde0e27bc10d619bed0fbd909f98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

>Llj5;l4v234j523mb;l45d4.pdb

Imports

advapi32

CloseServiceHandle

kernel32

GetConsoleFontSize
ReOpenFile

user32

GetScrollInfo
GetPhysicalCursorPos
GetRawInputBuffer
GetKBCodePage

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ