6aaf48418a79ea3241dd562b2af84020N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6aaf48418a79ea3241dd562b2af84020N.exe
Size

10KB
MD5

6aaf48418a79ea3241dd562b2af84020
SHA1

c7dcdcb9fb2aa659374fc8c21196da8c3083c197
SHA256

8e0cfa56afc25b6bfdb35539ccfdb3785add2d7a6dda502fcab6cc58cedaca1d
SHA512

6b13781bbbc87ef4c8c7b77ce62171f0dc2673cc4896a65759c3ca80d1d1beb08247210ecf583ad6ba118bd9867b771870e431169f2d05f8d6f87c0ef445d4d1
SSDEEP

192:/wd0Qm7iyDjQ64aFZF5FJ9ugMxGxJLXnuQ578072w/O5pJyxhjqJldgd6fmYp7:/YmjD06HZnj5zuQmK2IO5pJEhcrjmYp7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6aaf48418a79ea3241dd562b2af84020N.exe

Files

6aaf48418a79ea3241dd562b2af84020N.exe
.exe windows:5 windows x86 arch:x86

b4fdfab631dfe0f020671bad74b14c65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

ws2_32

WSACleanup

Sections

.DHETRY1
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.VLPJFN2
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE