Static task: static1
Behavioral task: behavioral1
Sample: 6b8a56abee31f429e70905ac037e90f2a1829f25ee191736f095389f646aa424.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 6b8a56abee31f429e70905ac037e90f2a1829f25ee191736f095389f646aa424.exe
Resource: win10v2004-20240802-en
General
Target: 6b8a56abee31f429e70905ac037e90f2a1829f25ee191736f095389f646aa424
Size: 176KB
MD5: 30a1e57852f5964bd371e0b04117d708
SHA1: d10e9cffac94ca279c9b8cdb9ffebae54538f04c
SHA256: 6b8a56abee31f429e70905ac037e90f2a1829f25ee191736f095389f646aa424
SHA512: c262aa71d687e4080ee68b6635ebc8191c51f70673a050180d4b74eb9d9e004aee5f7b712e9aee73200822a20a606e1605da9f6a7e208a0af4b5cbb7102cbf97
SSDEEP: 3072:T+9E4Wgbr57BVFqmx1E9Hqmz674Qbf6xET/nhqCoNWDY1TuDBujfgY1LRQBAhHuJ:Tk0MJBVlx+Vf274Q2xqhxoNH1Ti5YtuY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6b8a56abee31f429e70905ac037e90f2a1829f25ee191736f095389f646aa424
Files
6b8a56abee31f429e70905ac037e90f2a1829f25ee191736f095389f646aa424.exe windows:5 windows x86 arch:x86
b85f7741a49f0e564ff0742d092b0400
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameW
CreateFileW
GetFileSize
ReadFile
CloseHandle
VirtualAlloc
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualFree
GetProcessHeap
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
Sections
.text Size: 173KB - Virtual size: 173KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 472B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ