Static task
static1
Behavioral task
behavioral1
Sample
ffc3708627e2a0cc4a2a0d513e0c4870.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
ffc3708627e2a0cc4a2a0d513e0c4870.exe
Resource
win10v2004-20231215-en
General
-
Target
ffc3708627e2a0cc4a2a0d513e0c4870
-
Size
1.0MB
-
MD5
ffc3708627e2a0cc4a2a0d513e0c4870
-
SHA1
d560ded35e26f02eab1e69130dd7f9c16790151d
-
SHA256
98cb998f746b75f35a6a4d0eb4751cbe446e744f1d325017618a4ef8ddeb280f
-
SHA512
90f340a8d15ca7eadc441bf62b0da57e1ed2b031d94902b1a5ff7f9b9485f3fc537a28c1c72b6256061129d15594145e775af9825f1993fca9f1d6237f3508ab
-
SSDEEP
24576:2UblYeOu4lgCzZNx4WDxnK7AnKcdtWWO3:xlYeOrlggv48xKQKitPu
Malware Config
Signatures
-
Unsigned PE 1 IoCs
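The sandbox's static check found that this PE file has no Authenticode signature. Taken alone this is a weak indicator, since many legitimate binaries are also unsigned.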
resource ffc3708627e2a0cc4a2a0d513e0c4870
Files
-
ffc3708627e2a0cc4a2a0d513e0c4870.exe windows:4 windows x86 arch:x86
74d2fe9ccb5297e2bf43a554e0597f48
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
GetLastError
lstrcpyA
GlobalFree
GlobalAlloc
GetVersion
LocalAlloc
GetTickCount
GetStartupInfoA
GetCommandLineA
GetVersionExA
lstrcatA
lstrlenA
FreeLibrary
CreateEventA
GetFileSize
Sleep
LocalFree
msvcrt
_c_exit
__p__fmode
__CxxFrameHandler
memmove
_adjust_fdiv
_acmdln
_XcptFilter
wcslen
toupper
rand
__set_app_type
wcstoul
__p__commode
_except_handler3
__getmainargs
_controlfp
wcschr
Sections
.text Size: 1024B - Virtual size: 947B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.0MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ