012d02733108de03864681015ae04ffb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

012d02733108de03864681015ae04ffb
Size

39KB
MD5

012d02733108de03864681015ae04ffb
SHA1

9f6cdf4428b852376c3c699c2d41dd8b5a799bcc
SHA256

2e2921936b6778be40159ccc89d9d36d9b8c475a889360f3a3fac0ff233c113d
SHA512

93f59520a22ce2365fb4c86645ba398bb87db6f76391ec6537d14be5c39b1e67b7e4db0aff2612f821ddb2494d8604bebab32197bd8cbc0381edf83eb2bf7c32
SSDEEP

768:iikkFix+p3dbRY2D9VS/zPYSXZN2Mu2FSJNEmyWRz9hcya8I0Cin:irkRNnS/zPdVy5yWnay9I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
012d02733108de03864681015ae04ffb

Files

012d02733108de03864681015ae04ffb
.exe windows:4 windows x86 arch:x86

7db6c04ada61079f376967afd3b2f64e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
WriteFile
CreateFileA
LockResource
LoadResource
SizeofResource
FindResourceA
GetModuleHandleA
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
WinExec
DeleteFileA
CopyFileA
GetTempFileNameA
GetTempPathA
GetWindowsDirectoryA
GetModuleFileNameA

msvcrt

time
_mbsupr
sprintf
_ltoa
_mbsrchr
_except_handler3
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
__dllonexit
_onexit

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ