2663087deb0b1033b9ec4e136005a45cd98c7e52c9fae36221cecc3ca47c5720 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2663087deb0b1033b9ec4e136005a45cd98c7e52c9fae36221cecc3ca47c5720
Size

169KB
MD5

095d33bf982a4694453c31b9d79bcf56
SHA1

b22964619004a96a6c91627a86ff0d3d629819ec
SHA256

2663087deb0b1033b9ec4e136005a45cd98c7e52c9fae36221cecc3ca47c5720
SHA512

2df6d987d4d1d6052a9af28979eebd54619ba32def53afd323e314c6074175a280e73cf7b40a4991dd1bd7514eb789f63dd5cad649ddb7249ad5c4a89764af89
SSDEEP

3072:sm+2LReWjTrW9rNPgYoTJYHvhDxk3HhgHa+oHlBSh392inIZh1O0Fca5wMARO:sm7RvjTqzoTJK1k3BgUlBShN2ioh1F6U

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2663087deb0b1033b9ec4e136005a45cd98c7e52c9fae36221cecc3ca47c5720

Files

2663087deb0b1033b9ec4e136005a45cd98c7e52c9fae36221cecc3ca47c5720
.exe windows:4 windows x86

5e0a0792d2594296eb53ee9831d05da1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5683
ord4129
ord800
ord823
ord825
ord537

msvcrt

__set_app_type
_controlfp
__p__fmode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
strstr
_except_handler3
__CxxFrameHandler
_access
srand
rand
__p__commode
_mkdir

kernel32

WriteFile
CreateFileA
FreeLibrary
GetTickCount
GetLastError
GetFileAttributesA
GetStartupInfoA
GetModuleHandleA
ExpandEnvironmentStringsA
DeleteFileA
MoveFileExA
GetCommandLineA
LoadLibraryA
GetProcAddress
GetLocalTime
lstrcpyA
CloseHandle

user32

wsprintfA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 110KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE