16092f68840e888051edaa36bbc1abe3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

16092f68840e888051edaa36bbc1abe3
Size

84KB
MD5

16092f68840e888051edaa36bbc1abe3
SHA1

e0ca3310b1c723997cd3afef684eeb5c3faa0658
SHA256

7ea44ceec916204989468e64f3421f5297b88ee5da19ce4c798bdf1fecf91562
SHA512

a732add9a030b4a44efd2e46cbf73da57d172f9ebd92b61c2fbc0d2f3fbec28a7ed44430a4d51d22dd9720eb62e9730b93154968c1ea58d2f70f75cfe69d20cf
SSDEEP

1536:NB+FC9RntfWeoGiPyCHjKDjfQQQtUetDdlN5k89:NB+F8tfPN4yCDKDjfQQQtB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
16092f68840e888051edaa36bbc1abe3

Files

16092f68840e888051edaa36bbc1abe3
.exe windows:1 windows x86 arch:x86

17a4bd9c95f2898add97f309fc6f9bcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess

Sections

.bss
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NewSec
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE