6cd4d979895ac444f6445f9c1fcef3fc2fcac8f4f0036b7d55d10b0c714ef64eN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6cd4d979895ac444f6445f9c1fcef3fc2fcac8f4f0036b7d55d10b0c714ef64eN
Size

1.1MB
MD5

a73a79a5ab607ba16c1227e760d28fa0
SHA1

25562e5f1037438e52c1d51932d6707e7af7da53
SHA256

6cd4d979895ac444f6445f9c1fcef3fc2fcac8f4f0036b7d55d10b0c714ef64e
SHA512

bfc5c17b6a29a8ccc5ff5718fec41e69be02790c894ad3344ed954652a6b2060b07df0855f1cb15275e03996886a3e8a3449033bf966ae3c46f0cb33cf89ebd3
SSDEEP

24576:vzOzMQGEvGEjgnUrelTfz2al9uSReygfc/C8cU:LOzMQGEvGEjgnGet5zRya1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6cd4d979895ac444f6445f9c1fcef3fc2fcac8f4f0036b7d55d10b0c714ef64eN

Files

6cd4d979895ac444f6445f9c1fcef3fc2fcac8f4f0036b7d55d10b0c714ef64eN
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Documents and Settings\Zeyo\桌面\Hacker.KeySpy\obj\Debug\svchost.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

dtgtvjk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE