239f4fe464e158f001971c9bdb9ebdb8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

239f4fe464e158f001971c9bdb9ebdb8
Size

324KB
MD5

239f4fe464e158f001971c9bdb9ebdb8
SHA1

3bf0d1ef6a3e894db6a00cdd73c1877cd7c1603d
SHA256

d3a7dab99fc7aa9b33abb32069254f86e9cc363fb2c22e96658ee4b9bd436c9e
SHA512

d2632d7013330bb11b9b1a650acac6fe4ca971695ab6a5833276c15e61d6b35a5f7afa1f56f410a531d04e8b08d099eb55b71f0ee7576de644f3ab5492eae361
SSDEEP

6144:qIJ+iQGK7IPnEUeE0B8bOygsUTCcTHTihBZAMZXU6DPp3I3FZoj:q2rQpEPnEURgsUNCdAMS6Dp3eo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
239f4fe464e158f001971c9bdb9ebdb8

Files

239f4fe464e158f001971c9bdb9ebdb8
.exe windows:4 windows x86 arch:x86

98040c7861cebe432c0c409b226c9f14

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

memcpy
memcmp

kernel32

GetEnvironmentVariableA
CreateDirectoryA
CreateFileMappingA
Sleep
VirtualAlloc
VirtualFree
VirtualProtect
GetProcAddress
LoadLibraryA
CreateFileA
IsValidCodePage
IsSystemResumeAutomatic
GetThreadLocale
GetModuleFileNameA
GetExitCodeProcess
CreateNamedPipeA

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 790B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 280KB - Virtual size: 277KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ