de50bbff62cb41a727f5b033c317efb9e6db7ff5b9b734a3da813c00dcb91690 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de50bbff62cb41a727f5b033c317efb9e6db7ff5b9b734a3da813c00dcb91690
Size

63KB
MD5

b4a19abd6e0921b484c67fcde80fb975
SHA1

d5916f06a16a9e57803777d8f7706e21c9ed4e67
SHA256

de50bbff62cb41a727f5b033c317efb9e6db7ff5b9b734a3da813c00dcb91690
SHA512

439f89c804dcbc5f8e2c820d0346424a54dd39415595c0adb0f551ea35253fd3b99fb8d915a19474712e8260353d7a2eca115b5c3e2cb33f5dbb3af72f7ad758
SSDEEP

1536:71bvPtMA0XXEW6iHIfLcEkfzipFyqc3GydVZRkXtUesN2qcypvY:71TGHeiozcEkL2Fyqc5ZRkXuFkqcEw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de50bbff62cb41a727f5b033c317efb9e6db7ff5b9b734a3da813c00dcb91690

Files

de50bbff62cb41a727f5b033c317efb9e6db7ff5b9b734a3da813c00dcb91690
.exe windows:4 windows x86 arch:x86

a9cff5a350a81bc7eb15411dce9f9720

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Wow64RevertWow64FsRedirection
VirtualFree
GetCommModemStatus
InterlockedCompareExchange64
EnterCriticalSection
BaseInitAppcompatCacheSupport
GetThreadPreferredUILanguages
WerUnregisterMemoryBlock
GetLocaleInfoW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE