0d99792e62dc2c6e86163c61a9277591 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0d99792e62dc2c6e86163c61a9277591
Size

188KB
MD5

0d99792e62dc2c6e86163c61a9277591
SHA1

10ae61dfb9fa40f893bbe49413fcd7a6276b391f
SHA256

6de7946ad5e50881a7bcc9c62cb33a1e00e926feaeee59ea3cf3a712ff81a740
SHA512

294ecf0e8de398383b98bcfa4f2965ceb4846a3b71b49784c38c113c0494dc8f31e8961bf27791ece651f0c94b8acdb9ca65cdf6efcf9c1e8b533526ec1af688
SSDEEP

3072:C2bCghZaBvEs4bCHjeO/nF+XO/blL+1LiY+Fi9JiXIHYt9FaHyzZEV5/mZD1Ol:XxhZa9Es4bcywUGli1LZnHSFyQeQm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d99792e62dc2c6e86163c61a9277591

Files

0d99792e62dc2c6e86163c61a9277591
.exe windows:4 windows x86 arch:x86

4d0666789efb153216a402458e29cb43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleW
lstrcmpA
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
IsBadWritePtr
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ