16c25cba65784209392623a46bcf24390e5cc9252ca588e8a90d23630f7899f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16c25cba65784209392623a46bcf24390e5cc9252ca588e8a90d23630f7899f9
Size

9KB
MD5

c4a69748e6addadcdedcd547ff649fa9
SHA1

25ef1c7536a73a12f1821029868362a47a236150
SHA256

16c25cba65784209392623a46bcf24390e5cc9252ca588e8a90d23630f7899f9
SHA512

7efb164d5a46083cd1e405b0fd2359ecb440e6086c752fa46235d537c5a3621f58c4ec3488b5f80bb9b5225029bcb83b2aad74729433635be08180e423a42fcb
SSDEEP

96:QUzzMcLc/6cPKCUG1k0GdidLcU7Ct9bq9b2KRtTqcTockgzbxKO:QUVLc/6Ubk8dLjCfG9EcKc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16c25cba65784209392623a46bcf24390e5cc9252ca588e8a90d23630f7899f9

Files

16c25cba65784209392623a46bcf24390e5cc9252ca588e8a90d23630f7899f9
.exe windows:5 windows x86

916872b55f680c975e2fd8809f33d049

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
ExitProcess
GlobalMemoryStatusEx
TerminateProcess
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 815B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 846B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ