1163522c0d407107bbc8dd1a0dde9a09 | Triage

Sharing

General

Target

1163522c0d407107bbc8dd1a0dde9a09
Size

388KB
MD5

1163522c0d407107bbc8dd1a0dde9a09
SHA1

a5be5671a3654b26b9fbbf6e8616b8c85559fc78
SHA256

20b7784d98a211e2933d37116ff94a74b8ea4da8099c2f8a169a4e782a1bcd37
SHA512

48793546e131f9674f0184b285746b49310022cec0dad1b7532bf1d2b1592fd076d2fc5fd8c49a9313128d38872e8481cca574f90043505d0ac0ed341cd910b1
SSDEEP

6144:QF6lp+V7s50dUXQYAf5EgXBfawIGQ9q7Go2rKg5+rg7o4aV:QYlYV7tiAYyJF5Q9q67rfcg6V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1163522c0d407107bbc8dd1a0dde9a09

Files

1163522c0d407107bbc8dd1a0dde9a09
.exe windows:4 windows x86 arch:x86

87f11a5d2af9c9b1e1b53ed41361484c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFreeEx
GetModuleHandleA
VirtualAlloc
GetProcAddress
VirtualFree
GetProcessHeap
GetLocalTime
GetLastError
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
HeapFree
RtlUnwind
WriteFile
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
CloseHandle

user32

EnableWindow

winmm

mciSendCommandA
mmioOpenA

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 324KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 391KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ