c6b616f1e523cf0164abfdf61bed202e1b063ac7114966adb4e3dc6ff31f3234[.]exe | Triage

Sharing

General

Target

c6b616f1e523cf0164abfdf61bed202e1b063ac7114966adb4e3dc6ff31f3234.exe
Size

2.0MB
MD5

ffaa2795cdbb9b9a2fb8f64ae59ab785
SHA1

5ed394f8cce0ef5a915756e2990c314bb5d9aa84
SHA256

c6b616f1e523cf0164abfdf61bed202e1b063ac7114966adb4e3dc6ff31f3234
SHA512

a3d34b0bf5e4ff6ac4ca7a048b2520abbe9263bb26baaacb3e812372d4a15e072ef0718598d5d2b68deee408ce6dffe42f2754db151516d4c8d98fe996fbe6d3
SSDEEP

49152:o96NRteryADpCW2G7CqreesNLsaisNeX7hwgqXn8D4E0fhbLUOu:o4NRIpcGCq/sqaisG7Vr0fh8Ou

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
c6b616f1e523cf0164abfdf61bed202e1b063ac7114966adb4e3dc6ff31f3234.exe

Files

c6b616f1e523cf0164abfdf61bed202e1b063ac7114966adb4e3dc6ff31f3234.exe
.exe windows:4 windows x86 arch:x86

2eabe9054cad5152567f0699947a2c5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcpy

Sections

Size: 18KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 3.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ocrtsecp
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ubqulsuo
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE