6943da2c6f5e53e240cffc12d6bed1b1081957776fb8d7f164bb0d36f0050296 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6943da2c6f5e53e240cffc12d6bed1b1081957776fb8d7f164bb0d36f0050296
Size

3.1MB
MD5

3f6d06f2e42ebc77eda2120d3f69ea5c
SHA1

89337d003c7e1066de3eab7cbfb892eb86d925e2
SHA256

6943da2c6f5e53e240cffc12d6bed1b1081957776fb8d7f164bb0d36f0050296
SHA512

cad03ad2922ba4f0189a0142ebfcfc5f99a90b8aa6b53df6affb1ce63115470d74c26a68c519fc70870f9382bab659fbad8a0511decac500b16e6ea1c2cf9829
SSDEEP

49152:oYAe+G/5rceo7cPy0vlWcTroCs9tg7+nMpVD+WPzz+LbH29O3+IZLKyzbxC3DCWT:o8ceoEQcXoXt2UQYbWe+Inzbxs2q6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6943da2c6f5e53e240cffc12d6bed1b1081957776fb8d7f164bb0d36f0050296

Files

6943da2c6f5e53e240cffc12d6bed1b1081957776fb8d7f164bb0d36f0050296
.exe windows:4 windows x86 arch:x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 1.6MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ibbblgzc
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dkaotvvd
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE