6c10908b3abfe8ae36bc24267a64a546bf9bc117b16344234857e8cc031a4076 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c10908b3abfe8ae36bc24267a64a546bf9bc117b16344234857e8cc031a4076
Size

1.9MB
MD5

9ab3056049db46aab996ce1e3a95d55a
SHA1

c476519817b7b25c454dd7810468a86bfea05290
SHA256

6c10908b3abfe8ae36bc24267a64a546bf9bc117b16344234857e8cc031a4076
SHA512

eff5406e9a637936efa80fdc0672e33eae0555661fa15cf98a7bef304ba8fecb6b7bade7620e303d950e3c97677b89b107a4a2105f2504f151cda9c2475f3872
SSDEEP

49152:yvrs1gYWHC5ktspVzqGMAs+6tY6CTlCmdCc5S7:yTaZZVuGMAtAmS7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c10908b3abfe8ae36bc24267a64a546bf9bc117b16344234857e8cc031a4076

Files

6c10908b3abfe8ae36bc24267a64a546bf9bc117b16344234857e8cc031a4076
.exe windows:6 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

Sections

Size: 183KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

noucllxh
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ztvcesdx
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.taggant
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE