fd0a38553e5e4832edf1ea3bfaae1ba7 | Triage

Sharing

General

Target

fd0a38553e5e4832edf1ea3bfaae1ba7
Size

579KB
MD5

fd0a38553e5e4832edf1ea3bfaae1ba7
SHA1

99fb6caa68f8722184e04ca2a1b037f0a7a8040e
SHA256

cb7d6c2988c895e4d82753c6819f022ff3ec5aaa14f8cde0b5cf51e16521ee05
SHA512

a4775d5626f0ca301115c92031b8803174035f0fac91bccd130289402cbc254cd5eb455ec2163a74c606dbc94073adb924f6648f37ad942d7dd3e964fd324fc9
SSDEEP

12288:l2k/zOPoipRbR3iAbkZnUGNbW/csxGvXjVTZ5c7TnqnTTrPjco:l22OP9FiGMnUCbGyTV9nnT3Pwo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fd0a38553e5e4832edf1ea3bfaae1ba7

Files

fd0a38553e5e4832edf1ea3bfaae1ba7
.exe windows:4 windows x86 arch:x86

235aba0a819bab0c31910c0fd108876c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

IsDebuggerPresent
GetProcessHeap
lstrlenA
ExitProcess
WaitForSingleObject
CreateThread
GetLastError
CreateMutexA
lstrcpyA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCommandLineA
WriteProcessMemory
lstrlenW
GetModuleFileNameW
Sleep
ReadProcessMemory
GetModuleHandleA
GetCurrentProcess
GetStartupInfoA
lstrcmpiA
HeapFree
GetEnvironmentVariableA
HeapAlloc

user32

DispatchMessageA
TranslateMessage
GetMessageA
UpdateWindow
ShowWindow
DefWindowProcA
CreateWindowExA
RegisterClassExA
DialogBoxParamA
MessageBoxW
MessageBoxA

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ