ef272193fddc2de117a14e8c8eac07067380ede6907c16a81da0aa8d99162426 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef272193fddc2de117a14e8c8eac07067380ede6907c16a81da0aa8d99162426
Size

28KB
MD5

4b87a8339b0f06bfae368e39faa91318
SHA1

560d24357c6d9cbe7ca5eeb538ecfd9e6868db09
SHA256

ef272193fddc2de117a14e8c8eac07067380ede6907c16a81da0aa8d99162426
SHA512

d200a6cd8232eee8c3fd631ec552eb41153ced8ae831928cae2a309404fa4515488f050ad4db5bfc29c3de860fbe485b1e05b88ea8b546a466c8d919500bae9c
SSDEEP

192:CPyPjTE5iOmgSr8P8Swz9slLRrQXxsMBuUmZBdZDDhaTcfkEkWvujh9pyy+HhGUJ:CPsq4g48UyBbUmlphHCyy+HU0J0ovWU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef272193fddc2de117a14e8c8eac07067380ede6907c16a81da0aa8d99162426

Files

ef272193fddc2de117a14e8c8eac07067380ede6907c16a81da0aa8d99162426
.exe windows x86

30e87767c5223a00996a4f521f500ed1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetProcAddress
GetModuleHandleA
FindClose
FindFirstFileA
CreateProcessA
HeapDestroy
HeapFree
HeapAlloc
HeapCreate
GetStdHandle
GetFileType
GetStringTypeA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
GetCurrentProcess
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
LCMapStringW
GetStringTypeW
VirtualFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
MultiByteToWideChar
LCMapStringA

user32

MessageBoxA
LoadStringA

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE