b94e4337786921cfc1664a6c13152510N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b94e4337786921cfc1664a6c13152510N.exe
Size

63KB
MD5

b94e4337786921cfc1664a6c13152510
SHA1

41bc663e1fec224adcca798379eb3b91fcf32038
SHA256

e304a2a21d8bb86feeaa5285d55929f51c16f1eebd9089b12562bd923775ab08
SHA512

f8bded2c6ed413904d83d37ba6ee9628a103fe6998feeaf9ef975bc8acdd2d9454213cba40497094e5c8a00eb5656d81962b66c07eda411399277a592129396c
SSDEEP

1536:CjhWg/VlctDA2RuN5ymmhUdCb+rBLzqzVVvWhi6wB:CjhWslIs2RqxGU1BHqz+G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b94e4337786921cfc1664a6c13152510N.exe

Files

b94e4337786921cfc1664a6c13152510N.exe
.exe windows:4 windows x86 arch:x86

f182556a2c13acbc7aff4ba7b682ddc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CmdBatNotification
RegQueryInfoKeyA
OpenFileMappingA
GetTimeFormatEx
SizeofResource
ResetWriteWatch
PssDuplicateSnapshot
UnregisterBadMemoryNotification
RegQueryValueExA
BaseDumpAppcompatCacheWorker

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE