7434cd1e9eaa340ec7b81c4810eaacabf3ad512e4a19c274c7295b0b7635c331 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7434cd1e9eaa340ec7b81c4810eaacabf3ad512e4a19c274c7295b0b7635c331
Size

42KB
MD5

ae7008c9e238523b338b45e15955122a
SHA1

6c01c3ec2edf955d2993bb05a0582a6966ab754f
SHA256

7434cd1e9eaa340ec7b81c4810eaacabf3ad512e4a19c274c7295b0b7635c331
SHA512

0e3b37632a2f0da3e3fbab40e3e93014a08a57b38cb3461f6a4d02716aa014d8bcb46bac86defe95f7ef97a540dfea9ad3b3560d5390b829844517975b3f209d
SSDEEP

768:EMGRNYnI1nuOrJjmzDDW9TZ8wNIFdINnEhQyUy:EMaYnI1nuOrFmzfW9+wNIJhe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7434cd1e9eaa340ec7b81c4810eaacabf3ad512e4a19c274c7295b0b7635c331

Files

7434cd1e9eaa340ec7b81c4810eaacabf3ad512e4a19c274c7295b0b7635c331
.exe windows:4 windows x64 arch:x64

1f6b1573cb536bc89f23ff116fec49c7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetConsoleScreenBufferInfo
GetStdHandle
GetLastError
CloseHandle
CreateFileW
ExitProcess
GetCommandLineW
WriteFile
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
GetConsoleMode
ReadFile
Sleep
ResetEvent
PeekNamedPipe
WaitForMultipleObjectsEx
GetFileType
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
GetFileAttributesW
GetFileSize
GetVersion
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
FindClose
GetSystemDirectoryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
FindFirstFileW
GetFileTime
GetFileInformationByHandle
FindNextFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ