03af0e9f715ab9df79c87c9c2c4549aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03af0e9f715ab9df79c87c9c2c4549aa
Size

9KB
MD5

03af0e9f715ab9df79c87c9c2c4549aa
SHA1

e1de73c8d37da5756856502550099ee2242e525b
SHA256

583f638c53cec41525c80c3755d01ee0ee5a53b593b313f964f697d490019a87
SHA512

4caaacfdb497cca8042f2e0b8c27c0171d202d1d0a2d35d2e20057491e38086fac056cef9c6c4a2db9bd96ccfd81e5d51fd4a84fe45afd69f9991846f7735e50
SSDEEP

192:uwB67Jx/V2SYI5m6tQWUaAPvkmE4MnyQkjR4ghfLT61oyg60:u7s3A2wAEU4yQSR4wn61m6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03af0e9f715ab9df79c87c9c2c4549aa

Files

03af0e9f715ab9df79c87c9c2c4549aa
.exe windows:4 windows x86 arch:x86

2c5df4aeaa77ebce3ac083c0431de08f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
GetLastError
lstrcatA
ExitProcess
SizeofResource
LockResource
LoadResource
FindResourceA
lstrcpyA
lstrlenA
lstrcmpiA
SetLastError
ExpandEnvironmentStringsA
GetModuleFileNameA
SetUnhandledExceptionFilter
Sleep
GetCommandLineA
GetCurrentThreadId
LoadLibraryA
RaiseException
InterlockedExchange
LocalAlloc
FreeLibrary
GetStartupInfoA

msvcrt

fopen
??2@YAPAXI@Z
__CxxFrameHandler
_CxxThrowException
strstr
??3@YAXPAX@Z
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
fclose
strchr
_except_handler3
fwrite

Sections

0
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 121KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ