10a6e0d498a80fe75235c93113e1dee0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

10a6e0d498a80fe75235c93113e1dee0N.exe
Size

63KB
MD5

10a6e0d498a80fe75235c93113e1dee0
SHA1

dffa6806bdebeeeba22508e827d2206fcd656ae5
SHA256

dcc2243e5eacb6c8fff6ad0d20c7db5269938f56a25759b97b3d9ba613308a45
SHA512

5cdb750e89b501fc3c95bf04ec5f3c258961481c68ab34b76c7ca5208cc716213ba95a1771ca849469e583aa30b64f1927f5bb22737c6ca7fbafb3e5d389f43c
SSDEEP

1536:S0mFtXkH+yNYcfoTfE68tbeXQEOj5D4dmsXFy6Lu7LsHzfEj9P4fDY2x:Sk/N6E/b3XsXFy6LZEJPaDZx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a6e0d498a80fe75235c93113e1dee0N.exe

Files

10a6e0d498a80fe75235c93113e1dee0N.exe
.exe windows:4 windows x86 arch:x86

e13240e8788394da4504e4006bff7d0b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Wow64SetThreadContext
GetProcessHeap
SearchPathW
Heap32ListNext
Module32First
CallNamedPipeW
GetProcessHeap
PeekConsoleInputA
IsBadReadPtr
BaseThreadInitThunk
QueryActCtxSettingsW
WerRegisterAdditionalProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE