6d71a48e6749c67823f626936ee76e40N[.]exe | Triage

Sharing

General

Target

6d71a48e6749c67823f626936ee76e40N.exe
Size

63KB
MD5

6d71a48e6749c67823f626936ee76e40
SHA1

6bec8a569c8981a56e56eccc920d0f6a713c5805
SHA256

d70e498f3c57a8266c7389b603b19a62ac83132e9d2274223314f3c989bfe0cc
SHA512

78aaee4b03db3e414015f7895a03faed885939dbf6b97ea38e590de8d082614831388c2bd53f9e7b3b282fea575d4179e6dfb722611cb76fee44d5b075e7b722
SSDEEP

1536:laaHt8u4dTnWsbh/RZod4L/Z0GTR9wqXHtpVvWGxVT:ld+RF7qG19wq9pFWwT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d71a48e6749c67823f626936ee76e40N.exe

Files

6d71a48e6749c67823f626936ee76e40N.exe
.exe windows:4 windows x86 arch:x86

bb07a99e1f4e79deb8afdbb55107ab48

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseThreadpoolIo
GetConsoleAliasesA
BaseCleanupAppcompatCacheSupportWorker
VerifyScripts
AddRefActCtxWorker
CommConfigDialogW
ReadConsoleOutputW
FreeLibraryAndExitThread
InterlockedPushListSList

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE