d:\p\mr2\antim6\antim6\objfre_wxp_x86\i386\AntiM6.pdb
Static task
static1
General
Target: c48e1b65b7fbfee28485fd6f9aec11e0N.exe
Size: 6KB
MD5: c48e1b65b7fbfee28485fd6f9aec11e0
SHA1: 9faca0bdd667bb4e6041b3206799d017d203d16b
SHA256: b5ea3a83289c16cb39c595de19e0a5444b5c07564f4acb165524a0a935e7a155
SHA512: aa498e2e9f35911abc8df5c6b607b5f3404e959bb3606f0d4aaffefc304f2def232c11492f24f5c49e21b60483112ee392fa7e8782413e90e09b5a3dd0533677
SSDEEP: 96:A1jS47D+xDglq/drScn1znwZeDwD1kyTdz6Iy6q2j:KDaDglLI1znBchkY6IFj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c48e1b65b7fbfee28485fd6f9aec11e0N.exe
Files
c48e1b65b7fbfee28485fd6f9aec11e0N.exe.sys windows:6 windows x86 arch:x86
d273628c8f0fae1a577537c8936c7aac
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
ntoskrnl.exe
IofCompleteRequest
IoDeleteDevice
IoDeleteSymbolicLink
IoCreateSymbolicLink
IoCreateDevice
KeServiceDescriptorTable
MmIsAddressValid
KeAddSystemServiceTable
PsGetVersion
KeTickCount
RtlUnwind
KeBugCheckEx
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 388B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
INIT Size: 512B - Virtual size: 424B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.reloc Size: 256B - Virtual size: 166B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ