283198ea12d932f14e0e5c4c95486f63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

283198ea12d932f14e0e5c4c95486f63
Size

1.5MB
MD5

283198ea12d932f14e0e5c4c95486f63
SHA1

c7ba9a96bde1fa869df6ebdd68c6d89a1effa298
SHA256

1a500f02be77b2083aba5d195e9c69a4e3b9f2294474cae2a521fa787b2f649a
SHA512

8ce7a7dcdf1808b12039929c001b6ad8c9083cd3b6f753f46fcbc75c2f1bdd4df7e63f23c8867c64e4b3a532c4a181143ecef52947a380ea01a768988548b6a8
SSDEEP

49152:FiFZr3JN8GyESIlZ4rsBLVlogQkrYjMJeZXOHl:Fi/rsGyGp5VlbQkrYw/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
283198ea12d932f14e0e5c4c95486f63

Files

283198ea12d932f14e0e5c4c95486f63
.exe windows:4 windows x86 arch:x86

03b57b99c03284d4b20dd049c9e59b95

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
CreateFileA
GetModuleFileNameA
Sleep
CloseHandle
CreateEventA
lstrcmpiA
GetLastError
DeleteFileA
RemoveDirectoryA
FindClose
FindNextFileA
lstrcmpA
GetFileAttributesA
FindFirstFileA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateDirectoryA
lstrlenA
GetTempPathA
ReadFile
WriteFile
GetStdHandle
SetHandleCount
GetStringTypeW
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleHandleA
SetFilePointer
GetCommandLineA
GetVersion
HeapAlloc
HeapFree
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetFileType
HeapDestroy
HeapCreate
VirtualFree
RtlUnwind
VirtualAlloc
HeapReAlloc
GetProcAddress
GetCPInfo
GetACP
GetOEMCP
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW

user32

wsprintfA
MessageBoxA

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE