1243896b4cb9c19fcca1521b574e1d70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1243896b4cb9c19fcca1521b574e1d70
Size

17KB
MD5

1243896b4cb9c19fcca1521b574e1d70
SHA1

d0ff0eee8832f63941a298187839b133d509d820
SHA256

1eff2a6b4ace9c71f188e62b9f3ce6291cfea8c8bf5d3b70d1a6620bbff05665
SHA512

1c12097e6f719786a8404ea747f13a6e4d8f272a02201e56ad8e4742abb73acea2df2274f2d4973db8eca502f2b7059734b7842a58ec63060a8c218e89102f0d
SSDEEP

192:6wwz1+WNHtPpoy5I9MLDDG/mDMHIP8DXJ2T2rLRRTbU25xdVWo2qUnIu99ld5:IfNJeyaqDDImQlJe2dRPppVWo2ln95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1243896b4cb9c19fcca1521b574e1d70

Files

1243896b4cb9c19fcca1521b574e1d70
.exe windows:4 windows x86 arch:x86

98e820727be491f05a1f4e0deb96f75c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
WaitForSingleObject
GetModuleHandleA
GetSystemDefaultLangID
LocalSize
LoadLibraryExA
CloseHandle
GetConsoleDisplayMode
CompareFileTime
GetVersion
VirtualProtect
GetAtomNameA
GlobalUnlock
HeapCreate
GetCommandLineA
SuspendThread
GetConsoleCP
HeapReAlloc
WaitForMultipleObjects
InterlockedExchange

gdi32

EndPath
EngLineTo
Ellipse
GetTextColor
GetMetaRgn
GetRgnBox
GetStringBitmapA
DeleteDC
EqualRgn
CreateICA
CreateFontA
FloodFill
AbortPath
CreatePalette
DeleteObject
BeginPath
GetFontData
Escape
GetMetaFileA

rastapi

DeviceConnect
PortClose
DeviceListen
DeviceDone
AddPorts

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ