824a5d1fc6ac6050922b1d6a62930d7e6c487b667a83412815e31980f9cfdaba[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

824a5d1fc6ac6050922b1d6a62930d7e6c487b667a83412815e31980f9cfdaba.exe
Size

320KB
MD5

6dd6003af29fe9c3bf8013dc4662b4c2
SHA1

a8a021655c58f41e9b5b3b185c2bd50706425ae3
SHA256

824a5d1fc6ac6050922b1d6a62930d7e6c487b667a83412815e31980f9cfdaba
SHA512

c7ceee2db3945fcf8487ff485b3df40101cea58b8ea367b2ecb45592a047c89f33ec7ec58288157216e0462ce25fe1bf9cd18563965dd28f29fda1965bb544f8
SSDEEP

6144:UbzTnZP2m5FpOA+dQ41MEL9888889ygxQQonEem2SX2Ln3yromkRlfmcnxqsSUB7:UbzTnUA+dQ4XL98888815o/Smrir/cnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
824a5d1fc6ac6050922b1d6a62930d7e6c487b667a83412815e31980f9cfdaba.exe

Files

824a5d1fc6ac6050922b1d6a62930d7e6c487b667a83412815e31980f9cfdaba.exe
.exe windows:4 windows x86 arch:x86

6388b9b43b237b95473e5f8ed35e95c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDllDirectoryW
AddLocalAlternateComputerNameW
TransmitCommChar
SetFileShortNameW
GetFileSizeEx
UnlockFileEx
EnumSystemCodePagesA
GetModuleHandleA
GetTempPathW
FindAtomA
CreateHardLinkW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE