611e560a9356127877a2d2c5de1fc630N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

611e560a9356127877a2d2c5de1fc630N.exe
Size

7KB
MD5

611e560a9356127877a2d2c5de1fc630
SHA1

5563c017af3aa25ce9877f919ad4777fee4b5edf
SHA256

4b72c3f68f2daffbab6d5d5975eaf949119efda6bb975058c51481f0be5c8b12
SHA512

142d475ecd232864b6c0856b0fad40aa88821f7700b694cc3315890efb9b66d7fc37a94511d345bc000c7a974efdcbd7857012e8429623aae58900d98763b1d5
SSDEEP

96:o31zJEj8OGrkIgyOr34MVHqBpjrMWUfiNWUfiPSfeqoFCROAwGlJVKkoWC7tSc:8zCJp3cycWPWMFCRXwGlJVKko3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
611e560a9356127877a2d2c5de1fc630N.exe

Files

611e560a9356127877a2d2c5de1fc630N.exe
.exe windows:4 windows x64 arch:x64

415061dcb45d57cbbe4d5966633333e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

fopen
fseek
ftell
fclose
malloc
fread
free
__iob_func
fprintf
memset
strstr
_strdup
_controlfp
__set_app_type
__argc
__argv
_environ
__getmainargs
exit

kernel32

ExitProcess
AddVectoredExceptionHandler
GetModuleFileNameW
SetCurrentDirectoryW
GetStartupInfoA
GetCommandLineA
GetModuleHandleA

libtcc

tcc_new
tcc_set_lib_path
tcc_add_include_path
tcc_add_library_path
tcc_set_output_type
tcc_define_symbol
tcc_compile_string
tcc_add_symbol
tcc_relocate
tcc_get_symbol
tcc_delete

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ