0142c52955f49d5dd9589010dd7e81f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0142c52955f49d5dd9589010dd7e81f4
Size

21KB
MD5

0142c52955f49d5dd9589010dd7e81f4
SHA1

b5a1c9de56ea575bb49a6385595f95936b28a061
SHA256

c64e31b3926f106ead11e0d9ea2825e0dbfde1fdc3900ae6e35b769c6e234013
SHA512

05b4783718d5f27d19aaa26d1b18e3650950d6864d25c6921ed8c201b8dd9a53dfc6ef5bbe5a25c7de2d59b78f46390e531685b653603cb00717cbfe62a4a1d9
SSDEEP

384:/LJ2AZKYBxkr4GLULNol/jdi+wMq8OfmLnakbCyFYKZGL69ZiWD3QV:T3JBCUe/jxqmLnakbCyFdYL2iWD3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0142c52955f49d5dd9589010dd7e81f4

Files

0142c52955f49d5dd9589010dd7e81f4
.exe windows:4 windows x86 arch:x86

19a04eee4c8ba40dcc4cf5aea52f939e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
ExitProcess
GetCurrentThread
GetProcAddress
GetThreadContext
HeapAlloc
HeapCreate
HeapDestroy
ResumeThread
SetThreadContext
Sleep
SuspendThread
VirtualAlloc

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ