13f3feb56b524bd8d940af19b3c94f60N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13f3feb56b524bd8d940af19b3c94f60N.exe
Size

63KB
MD5

13f3feb56b524bd8d940af19b3c94f60
SHA1

d508a3c2f6476032db8c107890a250f77fc7a342
SHA256

bb218f2c2acc7ddd3114b1c5d5e8f412f2e0ed0626f9fe1ebb2d0dc64b9501f8
SHA512

e681dc4552d86e3e5ff090428ea2b8729c47abc695d84c1535897ab236d014e81cad975bd26e956c0b1f8cfc64f8bdccae3a5dc3963d49b43cebe6954cb88d06
SSDEEP

1536:4vGFglnuyfjCFhvW4GHjiIgTFGxBKmU5jHDk:4vGFQnxu6DDiT4G1lHQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13f3feb56b524bd8d940af19b3c94f60N.exe

Files

13f3feb56b524bd8d940af19b3c94f60N.exe
.exe windows:4 windows x86 arch:x86

2941d72f67d9a465fa518f729f2a668a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileMUIInfo
SetFileAttributesTransactedW
TermsrvAppInstallMode
GetCPInfoExW
CallNamedPipeA
InitializeContext
ReleaseSemaphore
GetConsoleInputWaitHandle
GetFileMUIPath
GetThreadId
LocalAlloc

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE