124f65ff9f59e6b588b0672739ac98e9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

124f65ff9f59e6b588b0672739ac98e9
Size

88KB
MD5

124f65ff9f59e6b588b0672739ac98e9
SHA1

16bc1b4f01b7acd23f6466d3404cc9206d0211af
SHA256

e870ec1368ba588f0b1350e6246dde3562cbf69dd6e795dc1211031aba51e858
SHA512

eb2b18389f8cd534807685c433ef3d96d80714b4d8aded365f87b8894d670acc019b54c40547ea735c46b20a52412967536f070e03151c56753fed2fdc38396a
SSDEEP

1536:gLa6ZkpWlTJIeMvii+Z53qvjlBuAUcWQiGV7/r8L/E7L9ek3K:uNlTKeMa3/K3PoLYc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
124f65ff9f59e6b588b0672739ac98e9

Files

124f65ff9f59e6b588b0672739ac98e9
.exe windows:4 windows x86 arch:x86

110dda9e237ef27126489a0673807cea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
lstrcatA
Sleep
ExpandEnvironmentStringsA
lstrcpynA
TlsGetValue
lstrcpyA
GetExitCodeProcess
GetCommandLineA
CloseHandle
GetCPInfo
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetModuleHandleA
GetModuleFileNameA
MultiByteToWideChar
GetProcAddress
HeapReAlloc
GetStartupInfoA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetACP
GetOEMCP
HeapAlloc
GetStringTypeW

user32

KillTimer
GetQueueStatus

gdi32

CreateCompatibleDC
DeleteObject

comdlg32

ChooseFontA

ole32

CoInitialize

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ