Static task: static1
Behavioral task: behavioral1
Sample: 09dc5540530effd6c06a2104c3ba2d35.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 09dc5540530effd6c06a2104c3ba2d35.exe
Resource: win10v2004-20231215-en
General
Target: 09dc5540530effd6c06a2104c3ba2d35
Size: 6KB
MD5: 09dc5540530effd6c06a2104c3ba2d35
SHA1: d4418aa42fcab4787ca34579037ee8fe0e1a0243
SHA256: 48944e22f36184823b84a9a4d29cab9b94fb31fc01436c747cb5218d78582cad
SHA512: 2602888acef17b5451bf9dee1b2fb4ce045e41151b16e8c9def7ac0ca662b81fcc6e72fb7876120f7595feb38376a8512fca4b035267235cd94f2665f675d08b
SSDEEP: 96:hN2Kn6tXa5XD+/fjNW25EJuLyWAOvwxLER+Jr9nUmEj1ieQssPsCpd5Xpqny+vvZ:qKn6tCqbqJfk24+3Uxvaxd5XAv
Malware Config
Signatures
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
Resource: 09dc5540530effd6c06a2104c3ba2d35
Files
09dc5540530effd6c06a2104c3ba2d35.exe windows:4 windows x86 arch:x86
9baa21ced5189daff5f299d4ebae8737
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
Sleep
VirtualFree
GetProcAddress
LoadLibraryA
VirtualProtect
VirtualAlloc
FreeLibrary
GetModuleHandleA
lstrcmpA
lstrlenA
GetModuleFileNameA
ExitProcess
UnmapViewOfFile
WaitForSingleObject
CreateMutexA
MapViewOfFile
GetLastError
CreateFileMappingA
lstrcatA
lstrcpyA
GetComputerNameExA
LocalAlloc
LocalFree
CreateProcessA
CloseHandle
user32
wsprintfA
advapi32
GetUserNameA
wininet
InternetCloseHandle
InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1018B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE