1604a7516dad202b4a5e4188662f0b89 | Triage

Sharing

General

Target

1604a7516dad202b4a5e4188662f0b89
Size

40KB
MD5

1604a7516dad202b4a5e4188662f0b89
SHA1

360b1c0272ee64249b034df274e76786d93de69a
SHA256

7fdf162ee11e800260cccce05342f2a9f075c7ddd800d955c03ef6d914fa648a
SHA512

7d4c70ad9bd5bd702dcfb482263ff806ac6a2fe4870b36e153a3d9b5f050a28427c1438b4ebac4c7354ae621ca2e7ea38fd11e4ff354a9e027569fc99e5232ed
SSDEEP

768:iwpcf/KvSCgaZZLoKV/ZqtxrWWZkN4bGf4gK3p4Heb6W8jU5Cvx7VAUaIiQZzcJk:iwpcf/KvSVajV/ZqtxrWWZFvgK0XW2MC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1604a7516dad202b4a5e4188662f0b89

Files

1604a7516dad202b4a5e4188662f0b89
.exe windows:4 windows x86 arch:x86

9fd351b21b3904c929e551a756e96610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
CloseHandle
FindNextFileA
FindFirstFileExA
LocalCompact
EnumDateFormatsExA
GetNumberFormatA
RegisterWaitForInputIdle
LoadResource
GetLocaleInfoA
GetCommModemStatus
GetStartupInfoA
GetDiskFreeSpaceA
GlobalFlags
GetDiskFreeSpaceA
WriteProfileStringA
GetSystemTimeAdjustment
GetCommandLineA
GetStartupInfoA
ExitProcess
GetSystemDefaultUILanguage
SetSystemTimeAdjustment
TryEnterCriticalSection
IsValidLocale
LocalFlags
HeapValidate
GetSystemPowerStatus
GetThreadSelectorEntry
RequestWakeupLatency
AllocConsole
VerLanguageNameA
GetThreadSelectorEntry
GetProcessVersion
ReleaseSemaphore
SetErrorMode
lstrcat
CopyFileA

Sections

.xtext
Size: 4KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

WEIJUNLI
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ