5baa70384a9b9ce73723e7c56f110b0dba7d20a8bd9584eedac5b40006ed98d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5baa70384a9b9ce73723e7c56f110b0dba7d20a8bd9584eedac5b40006ed98d8
Size

29KB
MD5

321a68c4f3a8b4909f05d8fe6861eadd
SHA1

a1ef5a7f055ade37a6c0802173842658ab046847
SHA256

5baa70384a9b9ce73723e7c56f110b0dba7d20a8bd9584eedac5b40006ed98d8
SHA512

b31ddd562422d79877aee99c136a88fe2a5d7e9c358c4242902e49a40334b674672356cfda4b02b6d6d6c1ac18690fb632b5462213b78ee824ba2aa9272fed9f
SSDEEP

384:8jW81iKXI0gTbZnWG8NEAqXXJ2psMG1Y7UuTZRyqAmP66lxwdINHIgq9MN2IJ:EXIQGzAqXZ4I1YHTZ3NAdINs3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5baa70384a9b9ce73723e7c56f110b0dba7d20a8bd9584eedac5b40006ed98d8

Files

5baa70384a9b9ce73723e7c56f110b0dba7d20a8bd9584eedac5b40006ed98d8
.exe windows:4 windows x64 arch:x64

061997bb1feb61c29ea30ac42ad7431e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetConsoleScreenBufferInfo
GetConsoleMode
GetStdHandle
CloseHandle
CreateFileW
GetLastError
ExitProcess
GetCommandLineW
WriteFile
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
ReadFile
Sleep
ResetEvent
PeekNamedPipe
WaitForMultipleObjectsEx
GetFileType
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
GetVersion
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
HeapAlloc
GetProcessHeap
HeapFree
GetSystemDirectoryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ