b6479453155e615e25a702974db21ec0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b6479453155e615e25a702974db21ec0N.exe
Size

75KB
MD5

b6479453155e615e25a702974db21ec0
SHA1

95a4ca77f5bb683769ce3d0d310acd652c0cddbd
SHA256

188cfbdab7a7e57eab86fd1f4fdfb22e43d63d06d19aa270ef0296b54e4cd741
SHA512

7b33963f5afc5cdb563915e961a7332b835cda8ac2c3d96abc43d928ba1db6f6233236dd3186a166f288bd145eb569e3fedce643c14e33b360a726e52f7b7c6b
SSDEEP

1536:N/EyqWrpq9S82E0IdJlcuWBmu9lDo3+9n5NjSa5xKrZP6:N/EyrpsnX2uWBmu9Z5Nqo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6479453155e615e25a702974db21ec0N.exe

Files

b6479453155e615e25a702974db21ec0N.exe
.exe windows:4 windows x86 arch:x86

efa7c77fc162e2aa628d9af8de7a5b78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

ShellExecuteExA
ShellExecuteA

msi

ord112
ord172

kernel32

GetTempPathA
ExitProcess
GetPrivateProfileStringA
GetCommandLineA
GetModuleHandleA
GetModuleFileNameA
GetTempFileNameA
DeleteFileA
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ