6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024 | Triage

Sharing

General

Target

6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024
Size

46KB
MD5

f63695203479723d8ce8479c7c8d853a
SHA1

083e4dc0125d79e26c4fc1c392d911475ea540ef
SHA256

6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024
SHA512

40cba85047b4963a68f66e0e164e001907191f9a73b6e0497ef33069847f7edf2019408a8d03f4ff41d96c7fea6f7225c9f88863d3ec273b5af1ad20dad302c1
SSDEEP

768:Erza/swUy71CzrzlFQaRBYBTNZzzlRrdIwMSfHNGY3t3sHfn/Jq:EykwUyJ+vQaRBYNNZzzlRrdIwMSfHrtv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024

Files

6e8bfb12e5d51772b0eb816384eb5531a68ade56f0fda4bfe8735ee70999b024
.exe windows:4 windows x86 arch:x86

e95e3c19c1b1846eddfe9b97188d572c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
CreateProcessW
DeleteFileA
ExitProcess
GetCommandLineW
GetModuleFileNameA
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
HeapAlloc
ReadFile
SetFileAttributesA
SetFilePointer
WriteFile

ntdll

NtFlushInstructionCache
NtOpenKey
NtProtectVirtualMemory

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE