11cf8c803c032da94fe9cc1f7b42de3c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11cf8c803c032da94fe9cc1f7b42de3c
Size

116KB
MD5

11cf8c803c032da94fe9cc1f7b42de3c
SHA1

4d0e7becefb1fea6445474a58bd5eab493a63399
SHA256

9048a2f09892ce905185770b2ed5f947ebf7e302ed180064c8aa341d7496129a
SHA512

22ef25a98aea0d657756c7e9eb24c77f36348396e51de92c4abf17c3cd9397742403b1d80f07cb2d4e03f51946d88d3f8e93452ed056846101c14c89473e90c9
SSDEEP

3072:5DkFbxZJM3llijinLAhvC3C24pAwvtlOuQ2AF+BJt1eVno1x:CFbxZ8lvLAZtAwv7OSAF+niE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11cf8c803c032da94fe9cc1f7b42de3c

Files

11cf8c803c032da94fe9cc1f7b42de3c
.exe windows:4 windows x86 arch:x86

1c372311534116eeffdf56f3f6c69c5c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
ExitProcess
GetProcAddress

user32

wsprintfA
MessageBoxA

Sections

Size: 30KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PEPack
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xpr01
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Huan.
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE