6e479f054c2751721c9ecaaca04c4d4b9601fb73269abe01df5b9514bf519eaf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e479f054c2751721c9ecaaca04c4d4b9601fb73269abe01df5b9514bf519eaf
Size

13.1MB
MD5

af33d8e5ffdf3c2dc15d694a354d4acb
SHA1

bf2036c3ad824d23df85f5a312769ec5ed0335fd
SHA256

6e479f054c2751721c9ecaaca04c4d4b9601fb73269abe01df5b9514bf519eaf
SHA512

bc7a792bf01f2bd0b4f73aec4971558212638a8528da2023c69ff883b6335de4dd4015cf7f9521848d5dc124ff7b95316a1f974512240c0b4826630e1ff9da1d
SSDEEP

393216:XPiQXbZrp9yfWCXh0nGdCHxz+N8o50oXfNsx:XPiQXbZzCeUCRmZ91O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e479f054c2751721c9ecaaca04c4d4b9601fb73269abe01df5b9514bf519eaf

Files

6e479f054c2751721c9ecaaca04c4d4b9601fb73269abe01df5b9514bf519eaf
.exe windows:5 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.2MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 143KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ktyamuls
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

izqvpvaf
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE