664bffe24693a7575ffcdaf2e33d6188 | Triage

Sharing

General

Target

664bffe24693a7575ffcdaf2e33d6188
Size

617KB
MD5

664bffe24693a7575ffcdaf2e33d6188
SHA1

79c46c28db3a8080c0739a0a6763ebee5b479e76
SHA256

7de67b4ae3475e1243c80ba446a8502ce25fec327288d81a28be69706b4d9d81
SHA512

21deb2d05c15df93702c52b9dc5a3c5ab65270c19fcede12be78e3011426457b6330979ddaeab0d2f24749c42ce26f8aec230741a25512a2d758f85e76cdce2b
SSDEEP

12288:2sjkDPRpsdgMGzN4wcZsHJHOa+YVFMKePHNPhaTGoXx4unuLT0Y9XEWSGqXUTjHL:2sjkDPRpcgMGzN43OHOKVF4vzErh4tfh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
664bffe24693a7575ffcdaf2e33d6188

Files

664bffe24693a7575ffcdaf2e33d6188
.exe windows x86

497393145c34e7a583c61d69d8db0bdb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
VirtualAlloc
lstrlenA
WaitForSingleObject
GetModuleHandleA
CreateFileA
CloseHandle
FreeConsole
K32GetModuleInformation
CreateThread
HeapAlloc
GetProcAddress
CreateFileMappingA
FreeLibrary
MapViewOfFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

flog09s
Size: 456KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ