1572300668016eb3fb8cbdc155f8323b | Triage

Sharing

General

Target

1572300668016eb3fb8cbdc155f8323b
Size

212KB
MD5

1572300668016eb3fb8cbdc155f8323b
SHA1

91964cee74cb750e2c73dc2f6139969abdeffcea
SHA256

f8c015644a814d0dc5d3944a794dba53dff070e5c462bbd76e85e077946746b9
SHA512

342aea4bee0ef7f54fa9618427d4068cc9fbf4ae783b1edbdd93f27f92899cc5d8c63bc9475deb226f62921ce68e973b84ff7858b2b212e4ca8fa27234a12d5c
SSDEEP

3072:9Xl0akpKA579WvVgrSWP4MI06ThsOoZ+/ssynFPdsr4GIgR47fszNvxodW:9Xl0RImRWbSZmTh/oZMssSOI57fENv2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1572300668016eb3fb8cbdc155f8323b

Files

1572300668016eb3fb8cbdc155f8323b
.exe windows:4 windows x86 arch:x86

6228a8843792e7a931607e88967832c7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileSectionA
SetupComm
DeleteTimerQueueTimer
SetComputerNameExA
CancelTimerQueueTimer
GetUserGeoID
GetLocalTime
GlobalDeleteAtom
MoveFileWithProgressA
BuildCommDCBAndTimeoutsW
SetFilePointer
IsBadHugeWritePtr
LocalFlags
CreateSemaphoreA
GlobalFlags
lstrcpyn
DisconnectNamedPipe
AllocConsole
GetCommState
FreeConsole
lstrcpyA
lstrcmp
GetDefaultCommConfigA
SetCommConfig
GetCurrentDirectoryA
HeapSize
VirtualAlloc
GetConsoleInputWaitHandle
CancelTimerQueueTimer
GetComputerNameA

ws2_32

bind

Exports

Exports

BeginIfvhosowclk
Ihgedoswjph
Ohvrfdum
Hcovsxdg
GetPbrqjbhqc
AddYmqgcwkqrl

Sections

.itext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 172KB - Virtual size: 833KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ