Static task: static1
Behavioral task: behavioral1
Sample: a190e5e49b059317fd3f120d1882837c1afc22eb09f7f783f28a3af4ecf9db59.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: a190e5e49b059317fd3f120d1882837c1afc22eb09f7f783f28a3af4ecf9db59.exe
Resource: win10v2004-20231215-en
General
Target: a190e5e49b059317fd3f120d1882837c1afc22eb09f7f783f28a3af4ecf9db59
Size: 4KB
MD5: 08be7bf615472989deb9484d7bcea501
SHA1: fccdcc0a9507361becc472978d2a09e7f0542caa
SHA256: a190e5e49b059317fd3f120d1882837c1afc22eb09f7f783f28a3af4ecf9db59
SHA512: 73cef2d2200cf4e8283369ec91594ffa1a51f73d169f5a4bee27c6f20d790d2e5154af0be94c2590c66e3b6dab3317f3af85b2d46af8b18f1ecc1fada3b639c2
SSDEEP: 48:KalaspipKTxSaeCAq4jpPPrh22shRYwg/fO+jWfRuqSk:rlkpKTxvQb3VW5x
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a190e5e49b059317fd3f120d1882837c1afc22eb09f7f783f28a3af4ecf9db59
Files
a190e5e49b059317fd3f120d1882837c1afc22eb09f7f783f28a3af4ecf9db59.exe windows:6 windows x86 arch:x86
364f40ac7f7d315e8766d6b17ee1dcf9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCommandLineW
CloseHandle
GetLastError
GetCurrentProcessId
OpenProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
shell32
CommandLineToArgvW
ntdll
swscanf_s
_alloca_probe
Sections
.text Size: 512B - Virtual size: 413B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 60B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ