0a10a2bd17e9135470ef49f9fb8be204 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a10a2bd17e9135470ef49f9fb8be204
Size

2.1MB
MD5

0a10a2bd17e9135470ef49f9fb8be204
SHA1

1e3abb9c959f18ec3004be702d3327ab4f027e8a
SHA256

801f0a7e3fb10bf71e7d63eccbaaab613b81f92296b4d962b8342e44ea198cc4
SHA512

12d2fea945f075d774628de41ac3e47062790964140d944318a104590b013cbe442e4bf61156b1a26b81e2624bda883f96e03627ad82d770fa326e7b7f574528
SSDEEP

49152:Cy9eUimPGdZ9JFTghI4MiwOUDau+yB8r6sI81nr3g4:Cy9lPc1MhI4PwtuyKrtrQ4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a10a2bd17e9135470ef49f9fb8be204

Files

0a10a2bd17e9135470ef49f9fb8be204
.exe windows:4 windows x86 arch:x86

3f83a2a07eba03a7f2c13c6a375520c6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCommandLineA
GetModuleHandleA
ExitProcess
GetNumberOfConsoleInputEvents
Heap32ListFirst
GetLastError

advapi32

PrivilegeCheck

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ecode
Size: 4KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.isect
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.etext88
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ