6cea51d4234bc05d5a5e980eb1fcdb104b45239e063dc3b115416d44cf7abe8eN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cea51d4234bc05d5a5e980eb1fcdb104b45239e063dc3b115416d44cf7abe8eN
Size

7KB
MD5

1859f499d7217ddc69bfe2ee4f325050
SHA1

b65107f7b819ac47089dbfa2b148dc576a429531
SHA256

6cea51d4234bc05d5a5e980eb1fcdb104b45239e063dc3b115416d44cf7abe8e
SHA512

51106c63d1ffc5d64d7a4b05c9ee21a6fd065cee64ba22fd29e393697a13c5bf0acbe96ced8180c8277af9365db16bf6e08e744ff8546c6efe9fbea3ec0216b8
SSDEEP

96:D4X1c6fXkkZSBBUSilnzmnVGDiWlo2rwxY26uU0OvMwe:DA1ckk3BTilzUPz2rwxYoXwe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cea51d4234bc05d5a5e980eb1fcdb104b45239e063dc3b115416d44cf7abe8eN

Files

6cea51d4234bc05d5a5e980eb1fcdb104b45239e063dc3b115416d44cf7abe8eN
.exe windows:4 windows x86 arch:x86

cbf47572e8cb446c01bd5522c7d7f827

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
lstrcpynW
GetFullPathNameW
SetEnvironmentVariableW
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
GetEnvironmentVariableW
GetVersion

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE