6e6c1885075ba4d3978fd9abd1726c0ec57eeef2592b3a22f60ca68edac3dab0 | Triage

Resubmissions

25-09-2024 14:04

240925-rc8z3aserg 10

Sharing

General

Target

6e6c1885075ba4d3978fd9abd1726c0ec57eeef2592b3a22f60ca68edac3dab0
Size

4KB
MD5

81211f974db6eea0112d731358065cd6
SHA1

3bd39ad5df928ad1b7ad1b5a58d94ecc9fdfbd13
SHA256

6e6c1885075ba4d3978fd9abd1726c0ec57eeef2592b3a22f60ca68edac3dab0
SHA512

429584d80c9a7f9496bc9196f4ced315189dc664194a93987d12fa0c64c3a0ebe5f90d99a38c3fceddd5fba61952fa7aa3e44d8b9d0bad12a7c52f0f03b92e00
SSDEEP

48:Zdni+Wyi18DN0nCvTaE6nc9fhXcGEY3sJd9ga91Rs/bnA7B8mOo4jUx7OtKGc:Z0v4mUWKh9ctgC1R+bnKymV44Sh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6e6c1885075ba4d3978fd9abd1726c0ec57eeef2592b3a22f60ca68edac3dab0

Files

6e6c1885075ba4d3978fd9abd1726c0ec57eeef2592b3a22f60ca68edac3dab0
.exe windows:4 windows x86 arch:x86

cc40fefa3af5cd00cc28dbd874038a4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileW
DeleteFileW
ExitProcess
GetComputerNameW
GetCurrentDirectoryW
GetFileSize
GetModuleFileNameW
GetTempPathW
GetVersionExW
ReadFile
WriteFile
lstrlenW
lstrcmpW
SleepEx
VirtualAlloc

wininet

HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetReadFile

shell32

ShellExecuteW

ntdll

RtlDecompressBuffer
swprintf

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ