Static task
static1
Behavioral task
behavioral1
Sample
0659a7fcebfcb885d88a480795d50a90.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0659a7fcebfcb885d88a480795d50a90.exe
Resource
win10v2004-20231222-en
General
-
Target
0659a7fcebfcb885d88a480795d50a90
-
Size
11KB
-
MD5
0659a7fcebfcb885d88a480795d50a90
-
SHA1
da7dc1612e7c38e0f22700da62f98db2e8e91288
-
SHA256
e58d3837d181380f1d089aa5d584995ba394a2681c2cb6f319b44b9bbd7cf459
-
SHA512
64c22ca449db1094660ac995f93e90e3a35205bef7921b725a49db5d2134dfeb56ceac18ab79a8d5c84018b03866a482f11327a06d8c80f2d285dff5d6586fa3
-
SSDEEP
48:6m7nWlnjV3mQQjyJEN0TjPFAMOlXIohrIHqkJ7dGuP+sAJoBznCzF5RDwI3:u38j/ZMitrIHqCTNcF5JwI3
Malware Config
Signatures
-
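Unsigned PE (1 IoC)
Checks for a missing Authenticode signature. An unsigned PE is a weak indicator on its own, since many legitimate binaries are also unsigned; weigh it together with the other static and behavioral findings.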
resource 0659a7fcebfcb885d88a480795d50a90
Files
-
0659a7fcebfcb885d88a480795d50a90.exe windows:1 windows x86 arch:x86
82329fa56fb913f00b631d104307b127
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
GetStartupInfoA
RtlUnwind
user32
MessageBoxA
crtdll
_exit
_fdopen
_flushall
_fmode_dll
__GetMainArgs
_kbhit
_open_osfhandle
_setmode
_strcmpi
exit
fclose
fflush
fgetc
fopen
fputc
fseek
_cexit
printf
raise
setbuf
signal
sprintf
sscanf
strchr
ungetc
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88B - Virtual size: 88B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 912B - Virtual size: 912B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE