13c0f415c39d603f207e8b407eca76c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13c0f415c39d603f207e8b407eca76c9
Size

209KB
MD5

13c0f415c39d603f207e8b407eca76c9
SHA1

07537b2f71890075c83e8b1992aadf59657df6a0
SHA256

06a99a068d1e950140cd75de2d01cc983109d47af5c869b0d781c2651038e9df
SHA512

e4ef267ed2976f7fe21830f5b2fd0ae2586e6a2376c60e53770c6628bd95d3a39835d3384a0933ec404e16fb090c4b7f43ae45a2518cc74e7fd7ef77d866a5fb
SSDEEP

6144:JzplReMDtXTOHJxnPBHnvQ9gyDh2TDdXjiwqtt5sfr:Jz8lHTPqgLTtCta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13c0f415c39d603f207e8b407eca76c9

Files

13c0f415c39d603f207e8b407eca76c9
.exe windows:4 windows x86 arch:x86

cf2fd278e023a00654c307adc272b1a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
TerminateProcess
WriteProfileSectionW
GetModuleFileNameA
GetProcAddress
VirtualAlloc
HeapReAlloc
GetCurrentDirectoryA
WriteConsoleOutputCharacterW
GetSystemTimeAsFileTime
GetCurrentProcessId
HeapAlloc
GetTickCount
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleA
GetSystemTime
LocalCompact
lstrcmpW
InterlockedExchange
RtlUnwind
WriteProfileStringA
QueryPerformanceCounter
VirtualQuery
LoadLibraryA
ExitProcess
GetDiskFreeSpaceA
HeapDestroy
TryEnterCriticalSection

shell32

SHGetMalloc
SHGetSettings
ExtractIconEx
SHEmptyRecycleBinA
SHGetSpecialFolderLocation
ShellExecuteExA
FindExecutableW
DragQueryFileW
SheChangeDirExW
ExtractAssociatedIconW
SHBrowseForFolderW
SheGetDirA
SHFreeNameMappings
SHGetPathFromIDList
SHLoadInProc
SheChangeDirA
FreeIconList
SHGetFileInfoA
ExtractAssociatedIconA
SHInvokePrinterCommandW
ShellExecuteA

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ