39f4fc5f56ccc6101f85e39139b6712b00caacf0f406a606eda34104577bc134 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

39f4fc5f56ccc6101f85e39139b6712b00caacf0f406a606eda34104577bc134
Size

12.1MB
MD5

0ee15e112c7a93f578ceeb373ee8477a
SHA1

5ba6167372e9d2d3cf7c69731a71c0f5511cc59d
SHA256

39f4fc5f56ccc6101f85e39139b6712b00caacf0f406a606eda34104577bc134
SHA512

9a2ff01e2fef072cf3ba3bedff6cf376b7273b8b92458f579df57d2410da82a3389b376c2b1502e866de0dc7d9c7bed6093a5a876eaa3a4e7f28fa79b1073c71
SSDEEP

196608:HIQB/JlnI1EYlfwcrnPVM4YfmQqfwAlO5/u6grh5+hV4Ypv4P:oQB/TIlfwaPG9fMfumb+hVdly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f4fc5f56ccc6101f85e39139b6712b00caacf0f406a606eda34104577bc134

Files

39f4fc5f56ccc6101f85e39139b6712b00caacf0f406a606eda34104577bc134
.exe windows x64

2a3a7b57b1b07f2d09e465641e891243

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ws2_32

WSAGetLastError

kernel32

IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

EndPaint

wininet

HttpOpenRequestA

Sections

.text
Size: - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 7.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12.0MB - Virtual size: 12.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ