04d8ff12cc3f4bf2771edc0bfb76d501 | Triage

Sharing

General

Target

04d8ff12cc3f4bf2771edc0bfb76d501
Size

17KB
MD5

04d8ff12cc3f4bf2771edc0bfb76d501
SHA1

1b77f54cc9f1173657308ea697508ee7b61993d2
SHA256

05c72166291d1cd0621967045d86595e973bedefb532974fce0bc58745df9fbd
SHA512

620b49c39161232ba1850da65908773bc671d2e81352641037f78d4c521732faeb475c30f9a3df3fff8506b80627772ea249e5e7be921ee083fc3d112c9ea416
SSDEEP

384:Mhwt+3JpRsRa2sTMF91OvtmtNpqu0nirdGRDR:l0xsQ2jNKmtNpqSuR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SaranWrap.exe

Files

04d8ff12cc3f4bf2771edc0bfb76d501
.zip
SaranWrap.cpp
SaranWrap.exe
.exe windows:4 windows x86 arch:x86

8af173c1989669fe9e827fcd01bd02c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
CopyFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
WideCharToMultiByte
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetCPInfo
GetACP
CreateProcessA
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
WriteFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
HeapAlloc
HeapFree
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
VirtualAlloc
GetProcAddress
LoadLibraryA
GetLastError
HeapReAlloc

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
SaranWrap.rc
SaranWrap.txt
icon1.ico
resource.h