2249156649faf95777740ee8459f55b9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2249156649faf95777740ee8459f55b9
Size

114KB
MD5

2249156649faf95777740ee8459f55b9
SHA1

b49f08a47be04cfd7be3031de9d9f064eea7f583
SHA256

588c9cd47080940f4311ec183173046f20054d681a5ca075478fe0883c521eb5
SHA512

7afacd2af309744e719c61c07550ae300197a9581e047eb00385c3cca4dbe2078d0aa7d52b82a40c3f8f1425085c0159a5f3d97aeb7c4535d7bcdd0118fd2121
SSDEEP

3072:VPLDbZnnYiracKni5RDsSVMtzbgap4FgAJmnkkShuN7B:5dWniGtPgtaNnkkS07

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2249156649faf95777740ee8459f55b9

Files

2249156649faf95777740ee8459f55b9
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 368B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ