69a201352ce0d9b1f54f7fb46c015a526140961a1e39c1c2a53781e41c0cc5e3 | Triage

Sharing

General

Target

69a201352ce0d9b1f54f7fb46c015a526140961a1e39c1c2a53781e41c0cc5e3
Size

31KB
MD5

16c37071877458ac79fefe413db88dda
SHA1

d500b15b8fa43ca08ed9d5f4b9857dce4084925e
SHA256

69a201352ce0d9b1f54f7fb46c015a526140961a1e39c1c2a53781e41c0cc5e3
SHA512

8aefee7613685be28183699fd345a2dde3e5b500ba7565ad15fe02eb54af6b9ea61da3b8575428f38c5342071c97a807c3292721c77c597255512822520a3929
SSDEEP

384:H17JP+uf+OpLX5cS1nuDiqYyL9F5ANPVKVwz0EHUUnTZRy09NsgYJwlINi66n7Ux:V7JW2pLZ1numqt9nv0/TZBlINiN7lFH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69a201352ce0d9b1f54f7fb46c015a526140961a1e39c1c2a53781e41c0cc5e3

Files

69a201352ce0d9b1f54f7fb46c015a526140961a1e39c1c2a53781e41c0cc5e3
.exe windows:4 windows x64 arch:x64

0e843d6220d2fbff25d4d12f55277a78

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

CloseHandle
CreateFileW
ExitProcess
GetCommandLineW
GetConsoleScreenBufferInfo
GetStdHandle
WriteFile
WriteConsoleW
SetConsoleTextAttribute
OutputDebugStringW
GetConsoleMode
GetCurrentProcess
FormatMessageW
GetModuleHandleW
LocalFree
SetLastError
GetFileAttributesW
GetLastError
GetFileSize
GetSystemDirectoryW
GetProcAddress
GetVersion
GetCurrentDirectoryW
GetModuleFileNameW
GetEnvironmentVariableW
GetFileTime
GetFileInformationByHandle
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
GetProcessHeap
HeapFree
WideCharToMultiByte
WaitForSingleObject

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ