Static task
static1
Behavioral task
behavioral1
Sample
3a9560f04aeef2bbdb19fad92393df13e6f56e3a520ae8cc4067efef80ea6c1d.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
3a9560f04aeef2bbdb19fad92393df13e6f56e3a520ae8cc4067efef80ea6c1d.exe
Resource
win10v2004-20230703-en
General
-
Target
3a9560f04aeef2bbdb19fad92393df13e6f56e3a520ae8cc4067efef80ea6c1d
-
Size
22KB
-
MD5
d8148e2331d5d962c6ecb98027be0c7b
-
SHA1
1460c81a16f6326e3798415dd0b4dcf62c7ba10d
-
SHA256
3a9560f04aeef2bbdb19fad92393df13e6f56e3a520ae8cc4067efef80ea6c1d
-
SHA512
262c2da094ff74c72c86cb7787555a9aebc4f59148509d5652f07d08a57d544124a04d8e3c1b90a69d8c3ea4e79854c8ed536e98599db82e06ce4a392ad8f1a0
-
SSDEEP
384:lH2+fQewIWipuK9p+AzUzxBQYe/KEHLRXIlk+dbbjF:lH5Q7IbMqUznQYeywLRXIlkubn
Malware Config
Signatures
-
Unsigned PE 1 IoCs
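Checks for a missing Authenticode signature; this signature fired because the sample carries none. Being unsigned is a weak indicator on its own, since many legitimate executables are also unsigned, so weigh it together with the header and import data below.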
resource 3a9560f04aeef2bbdb19fad92393df13e6f56e3a520ae8cc4067efef80ea6c1d
Files
-
3a9560f04aeef2bbdb19fad92393df13e6f56e3a520ae8cc4067efef80ea6c1d.exe windows x86
d601935e31bb07525a7471816758008d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LocalFree
ExitProcess
VirtualProtect
VirtualFree
VirtualAlloc
lstrcpynA
ReadFile
lstrcpynW
GetModuleFileNameW
SetFilePointer
CreateFileW
GetCommandLineA
Sleep
GetFileSize
CloseHandle
LoadLibraryA
GetModuleHandleA
GetCurrentThreadId
LocalAlloc
OutputDebugStringA
user32
LoadStringW
MessageBoxW
shlwapi
wnsprintfA
wvnsprintfA
Sections
.text Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 146B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 728B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ