99dd9d600251bf7338fcc4a29641bbf0_exe32[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99dd9d600251bf7338fcc4a29641bbf0_exe32.exe
Size

66KB
MD5

99dd9d600251bf7338fcc4a29641bbf0
SHA1

007d1876ba6a5dae7334af6910ed2172de06588e
SHA256

6de8274c1e0330b4225d1713943b3026a79d6cac4ee2a0e4c22120c5f7a9dd30
SHA512

eb28137fe16c2f176813ac6916785fd3afeab8631f19a31114b085eb8415fae0f8fee3b5d4e91f8c2a610804198a20dba6dab7f8d781e82b5a943efc0eeb6423
SSDEEP

1536:IvK5nPn1RtaO5DPktgFOkyyqElotv7CGLxoK7ji+e55ZiO:7bT5ItmOkynRGGLuK7je55Zv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99dd9d600251bf7338fcc4a29641bbf0_exe32.exe

Files

99dd9d600251bf7338fcc4a29641bbf0_exe32.exe
.exe windows:4 windows x86

9947004cfcae71bd3ab1dd92a04fd5b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindActCtxSectionGuidWorker
GetThreadSelectorEntry
VerifyVersionInfoW
GetTimeFormatA
CreateMutexA
TerminateJobObject
PssWalkSnapshot
BasepNotifyLoadStringResource
ConvertThreadToFiberEx
BaseGetNamedObjectDirectory

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE