056ce5657329e0a4c1b2490bcec1c470N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

056ce5657329e0a4c1b2490bcec1c470N.exe
Size

6KB
MD5

056ce5657329e0a4c1b2490bcec1c470
SHA1

28450d11ce5db0c899ab5228a9cfdea76ccacff3
SHA256

e4c5665766105519ad9346db5ef165f8703b05a130fb34034d3bedbb7242c59e
SHA512

e8e2ee0dcc6f38b3249abe45bd4f1857594639a304246cbcb2b803d7782d3a9ccedd04e7fbb1a56d0e6251f0fbedd70eddaae8d5efd62ee438e8fb5834766db6
SSDEEP

96:hy859x0P8MaTOFkt65ZPAeukmnTp6YCR8hU:F5oLuwktyZPAemThCR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
056ce5657329e0a4c1b2490bcec1c470N.exe

Files

056ce5657329e0a4c1b2490bcec1c470N.exe
.dll windows:5 windows x86 arch:x86

c4c9ecfc26ca516a80b8f6f5b2bdb7e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
GetProcAddress
CreateFileA

msvcrt

free
_initterm
malloc
_adjust_fdiv

Exports

Exports

rundll32

Sections

.text
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 385B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ