10bad60084aabf1b6ca93bd28c989a0f | Triage

Sharing

General

Target

10bad60084aabf1b6ca93bd28c989a0f
Size

168KB
MD5

10bad60084aabf1b6ca93bd28c989a0f
SHA1

b54314d1e150de556774faad36326eb00b6941ac
SHA256

e778c71c8eeb8a28e33b809f5c9368520c5753159d5e9ade1b3845e91325a552
SHA512

5f02a51421e4be088728d9c22f3bf925fb124424192acc0085545aa29aafdaf7585d72a3762c8c0ced5e2bbb631ec31bb891025f1fb23a0fd0698f4bec082b49
SSDEEP

3072:xrV4onJWfoID+7B3DE418qS8M87YIhF6yW8Xs83JIaqgNzZ3okvm3BH2qK:xhHnGpEo3R/4v6yjsla/Nd3VvEH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10bad60084aabf1b6ca93bd28c989a0f

Files

10bad60084aabf1b6ca93bd28c989a0f
.exe windows:4 windows x86 arch:x86

ae9f0a230429e91c12f3e16d4a5cb82e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FileTimeToLocalFileTime
SetErrorMode
LocalFileTimeToFileTime
IsBadReadPtr
ConvertFiberToThread
SystemTimeToFileTime
FindClose
SetThreadIdealProcessor
GetStringTypeW
GetOEMCP
FindFirstFileW
SetEnvironmentVariableW
GetLocalTime
EnumResourceNamesW
LocalAlloc
FindNextFileW
CompareStringA
RegisterWaitForSingleObject
GetShortPathNameW
LCMapStringW
FileTimeToSystemTime
GetCurrentProcess
FreeLibrary
GetSystemDirectoryW
SetCurrentDirectoryW
FindResourceW
LocalFree
LoadResource
SearchPathW

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

user32

ExcludeUpdateRgn
ReleaseCapture
FlashWindow
IsWindowEnabled
ValidateRect
UpdateWindow
InvalidateRgn
DestroyWindow
IsWindow
SetCapture
EnableWindow
GetCapture
ValidateRgn
RealGetWindowClassA
GetUpdateRgn

Sections

.text
Size: 102KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ