f72cd71a5d742e24f89ffad03a9fcd85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f72cd71a5d742e24f89ffad03a9fcd85
Size

20KB
MD5

f72cd71a5d742e24f89ffad03a9fcd85
SHA1

88d6da7eb4be0ce6338f9f93118818b80c3fa735
SHA256

56f1a2d4a31836dc98de8a57d449066159abc183c155c85009b69379d4180b7c
SHA512

be4da435e21894d9239fc29d733a8e430e712253ad281b787650f87ee7909c4a77f91835b241e0c55c47bf14b24716d3b97e029eb71fc10ac9bd829e2df49b87
SSDEEP

384:TstcvwS5XPrK2Ck+jwc+mC6VNwUK0iTQYnkOJNnhe:gOv91PrKpsdmHVNw8YkOJN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72cd71a5d742e24f89ffad03a9fcd85

Files

f72cd71a5d742e24f89ffad03a9fcd85
.exe windows:4 windows x86 arch:x86

ce938b154afa53bc4a3fd98b1d23b15a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
InitializeCriticalSection
SetFileAttributesA
HeapCreate
GetTickCount
ReleaseMutex
ExitProcess
FindVolumeClose
GetModuleHandleA
SetEndOfFile
FindVolumeClose
GetFileSize
GetStartupInfoW
ResumeThread
HeapSize
ResetEvent
IsBadCodePtr
GetEnvironmentVariableA
DeleteFileA
CloseHandle
HeapDestroy
CreateFileA
WaitForSingleObject
GetTickCount
FindAtomA

wininet

FtpCreateDirectoryA
DeleteUrlCacheEntryA
HttpQueryInfoA
DeleteUrlCacheEntryA
FtpFindFirstFileA
FtpDeleteFileA
FtpPutFileA
FtpGetFileA
FtpGetCurrentDirectoryA
FtpOpenFileA
DeleteUrlCacheEntryA
FindCloseUrlCache
HttpEndRequestA

rasser

PortClose
PortClose
PortClose
PortClose

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ