e488d4c303bf2c355017a4b91b25c59dd5af933cbb7f9f83c749f73cf0e3af3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e488d4c303bf2c355017a4b91b25c59dd5af933cbb7f9f83c749f73cf0e3af3c
Size

40KB
MD5

53c46620ac592a50392a431b68fbdd65
SHA1

878ef0bdc38de548d9e4dc7e03315d8445b3f86c
SHA256

e488d4c303bf2c355017a4b91b25c59dd5af933cbb7f9f83c749f73cf0e3af3c
SHA512

d589d624a8db64cf619fd1e9eb69cb0d9d233a0c61ce033b10ab0578cda05d212f7931cbf4579dca15f81443f82de0593a0300948090c6e9a32498dcfb304fc8
SSDEEP

768:2fghRIqX1nu/4scVTZpgRHiG5NSbdINvhnFR4:2YXIqX1nu/4xERHiG5N3hnf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e488d4c303bf2c355017a4b91b25c59dd5af933cbb7f9f83c749f73cf0e3af3c

Files

e488d4c303bf2c355017a4b91b25c59dd5af933cbb7f9f83c749f73cf0e3af3c
.exe windows:4 windows x64 arch:x64

751a03566fdc61efbc8783f97367604a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

Sleep
GetLastError
WriteFile
GetStdHandle
SetFilePointer
GetFileType
CloseHandle
CreateFileW
ExitProcess
GetCommandLineW
GetConsoleScreenBufferInfo
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
GetConsoleMode
WaitForSingleObject
ResetEvent
ReadFile
PeekNamedPipe
WaitForMultipleObjectsEx
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
GetFileAttributesW
GetFileSize
GetVersion
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
FindClose
GetSystemDirectoryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
FindFirstFileW
GetFileTime
GetFileInformationByHandle
FindNextFileW

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ