20dc5bed860fe504e31bb182c238e7a0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

20dc5bed860fe504e31bb182c238e7a0N.exe
Size

63KB
MD5

20dc5bed860fe504e31bb182c238e7a0
SHA1

fc614cdda1e2d719b3b944519ed61a2b8e572e40
SHA256

2cad397096c3330180097c91d96e7a5d928feb5403f48a3d8094e87da43d1b9e
SHA512

c09dfc1d72ebd11ee0348e85ecd6085f70d3294167f6838b8ee5f6bff7d2c04fe2db12d6cc4a08635490823ae98806d374decec3800c121d29da992191b60a34
SSDEEP

1536:AeQj7ATD5fY1q+S/McTC58P6kAYCPlywGB7RKEVKzs5YgEWN:XQj7AH5fmqf/BCCP6kLCPiB4EU/g1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20dc5bed860fe504e31bb182c238e7a0N.exe

Files

20dc5bed860fe504e31bb182c238e7a0N.exe
.exe windows:4 windows x86 arch:x86

ecbbc85110190460307bd1eb57fbc760

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeactivateActCtx
SetTimeZoneInformation
SetComputerNameA
GetThreadErrorMode
BasepReleaseAppXContext
SearchPathW
K32GetProcessMemoryInfo
CreateSemaphoreA
GetConsoleCP
GetAppContainerNamedObjectPath

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE