2024-09-06_68d1fcdf0b06f9223a104b72a12ad663_hacktools_xiaoba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-06_68d1fcdf0b06f9223a104b72a12ad663_hacktools_xiaoba
Size

3.2MB
MD5

68d1fcdf0b06f9223a104b72a12ad663
SHA1

e9acf1c9100b96d7f214a4e622d12658cab57273
SHA256

acf42199cc09c0265083783a12f8c24911de14aaf61edfc0b558948eb5f64b51
SHA512

ce695a2a820ff6914be1c84dee08045b5eb939833209b5df6c219aa48a1d0c20d55aa4acbf2d2275e8947e254d270b77bf4abce84c5b560333ba47e8a850d1c6
SSDEEP

49152:6zG1BqCBGJdodXAGRe5CFHRoHgmAZf1NJ:DBIKRAGRe5K2UZt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-09-06_68d1fcdf0b06f9223a104b72a12ad663_hacktools_xiaoba

Files

2024-09-06_68d1fcdf0b06f9223a104b72a12ad663_hacktools_xiaoba
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

CODE
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 444KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 808KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ