1375209748fb2596c15e12816df5cf4ae63e646c68707ae04d736511e541b487 | Triage

Sharing

General

Target

1375209748fb2596c15e12816df5cf4ae63e646c68707ae04d736511e541b487
Size

41KB
MD5

fff6df110f0b26c19dc71b8a9a9cc367
SHA1

0d8ba964c2ce7c799addc51cdf3ff139d6de1013
SHA256

1375209748fb2596c15e12816df5cf4ae63e646c68707ae04d736511e541b487
SHA512

a598f3f088600d9a17879ff5f18ea89ec7ac0485f6c92d7bc1e63b3a67bcb46a9e1b7de2ecad7c9591b501fa7480c5df4614e964b69428ff36eac9631c4bb108
SSDEEP

768:mwsBzFlH3c7oswyWOWYJIR932UWbktRREs3s3rZ6wXKP6:mwsBzFls8swyIYy939WbktRRZsaP6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1375209748fb2596c15e12816df5cf4ae63e646c68707ae04d736511e541b487

Files

1375209748fb2596c15e12816df5cf4ae63e646c68707ae04d736511e541b487
.exe windows:6 windows x64

d0e2e8b7a361e9144edb295b31706247

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

MessageBoxA

kernel32

GetCurrentProcess
GetThreadLocale
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FormatMessageA
TerminateProcess
IsProcessorFeaturePresent
LoadLibraryA

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 884B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ