d6f56ecd19fa563766690c26b4032bb05086e00f5d23759e389ecfa7b37f55b6 | Triage

Sharing

General

Target

d6f56ecd19fa563766690c26b4032bb05086e00f5d23759e389ecfa7b37f55b6
Size

4KB
MD5

98cfc67eed512ad39df7bcc60ca10812
SHA1

3ed03ab2d56ca0a674c2a2ff6acac588f00cd691
SHA256

d6f56ecd19fa563766690c26b4032bb05086e00f5d23759e389ecfa7b37f55b6
SHA512

f90f22dfd064ad2b5791b58a8453f72e1a7608bc29325fde9af6aa091e63d2b5226b8fc8b3713a06385f3f3f9f6d2072c87de0ce6c4296276b1b9af3909b7870

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6f56ecd19fa563766690c26b4032bb05086e00f5d23759e389ecfa7b37f55b6

Files

d6f56ecd19fa563766690c26b4032bb05086e00f5d23759e389ecfa7b37f55b6
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Lenovo\Desktop\XieBro-v3.3\Binaries\Release\Client\ShellcodeStager.pdb

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ