d001a9444f2da5ccedb043affb51b081fda8a4ae6998df35bdc0af3bd6b3bc1b | Triage

Sharing

General

Target

d001a9444f2da5ccedb043affb51b081fda8a4ae6998df35bdc0af3bd6b3bc1b
Size

39KB
MD5

6c58be7077541ef36e02e868bfe94022
SHA1

96125a12b78223acf6109327f24092035171a737
SHA256

d001a9444f2da5ccedb043affb51b081fda8a4ae6998df35bdc0af3bd6b3bc1b
SHA512

074a53cb774747a3140dc6c517a4c2a144dcfbd78ab99653c6835ee3013b70a11ddb141421e3f62d7f84e277e5f7840237cbae2ebf66a3e32bcba5e7112202c9
SSDEEP

768:GM80shcyI1nuHeHFiuTZIXslNN5dINyhFy:GIsOyI1nuHeliuqXslNNjh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d001a9444f2da5ccedb043affb51b081fda8a4ae6998df35bdc0af3bd6b3bc1b

Files

d001a9444f2da5ccedb043affb51b081fda8a4ae6998df35bdc0af3bd6b3bc1b
.exe windows:4 windows x64 arch:x64

9c19f6ac1be1f83129e62a8a11a77b7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetLastError
CloseHandle
CreateFileW
GetStdHandle
ExitProcess
GetCommandLineW
GetConsoleScreenBufferInfo
WriteFile
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
GetConsoleMode
ReadFile
Sleep
ResetEvent
PeekNamedPipe
WaitForMultipleObjectsEx
GetFileType
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
GetFileAttributesW
GetFileSize
GetVersion
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
FindClose
HeapAlloc
GetProcessHeap
HeapFree
GetSystemDirectoryW
GetProcAddress
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
FindFirstFileW
GetFileTime
GetFileInformationByHandle
FindNextFileW

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ