6e0edca871383f41190fe5050e0f8b0b14a0a55a2621b0a958385ca8aecaffe2[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e0edca871383f41190fe5050e0f8b0b14a0a55a2621b0a958385ca8aecaffe2.exe
Size

4.1MB
MD5

5dacec77e87eb021a1363e76eac091e9
SHA1

c2a168c669638442a9942f3139badd6c8b7cb6fd
SHA256

6e0edca871383f41190fe5050e0f8b0b14a0a55a2621b0a958385ca8aecaffe2
SHA512

49fa5dc9c658f7f97b2084a3f6c13a314c533628eafc7caeac7b01f94520d2648481bc5685b690cd17ae51bfe84b27b229211876382d43c1f545ded8e86e4dc6
SSDEEP

98304:XYBSjl9m7g8ORm6/WoO0Tg35kmQtrm4CnD08bMv+:XYEjlBwUrBTgJkBrmHnD08bMv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e0edca871383f41190fe5050e0f8b0b14a0a55a2621b0a958385ca8aecaffe2.exe

Files

6e0edca871383f41190fe5050e0f8b0b14a0a55a2621b0a958385ca8aecaffe2.exe
.exe windows:5 windows x86 arch:x86

16036bdf6873e2231bd91d9f105a1983

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

Sleep

user32

SendMessageA

comdlg32

GetOpenFileNameA

advapi32

FreeSid

ole32

CoInitialize

Sections

.text
Size: - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx2
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ