02c81ed89bb7a01890f958253a6e2f6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02c81ed89bb7a01890f958253a6e2f6f
Size

187KB
MD5

02c81ed89bb7a01890f958253a6e2f6f
SHA1

9cb96da4243f242439a0386c7d605be1500a35c0
SHA256

5c32a0bbfd3daea0613bec4a621be28caddd9d4b0307f6058d4adfdedcbd7010
SHA512

c3edc4f14c8fe13657d144d744da7a89c263e6b1de94077288f78a72067a7f701714cf22973e40255ef6509e08d36d7cff5c69e6bad6013cbb52cd381c4cf4be
SSDEEP

3072:FNeDeDayWdKEeCcp1m5kGlbxeBKPCIY/6COViZvUSjT0H1eoLQsX:3eDYXKoNJGl9lZY/6CKSUYEUGQsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02c81ed89bb7a01890f958253a6e2f6f

Files

02c81ed89bb7a01890f958253a6e2f6f
.exe windows:4 windows x86 arch:x86

c0798e93d54165973a9adfd3679bb12b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetVersionExW
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
LoadLibraryW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
GetModuleFileNameA
TerminateProcess
UnhandledExceptionFilter
GetACP
GetOEMCP
GetCPInfo
IsValidCodePage
HeapReAlloc
GetTimeZoneInformation
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LCMapStringA
LCMapStringW
GetStringTypeA

rpcrt4

RpcBindingFromStringBindingW
RpcBindingSetAuthInfoA
RpcErrorAddRecord

shell32

CommandLineToArgvW
ord201

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 54B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ