224a39ca65fd763af0035dba780e90ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

224a39ca65fd763af0035dba780e90ad
Size

484KB
MD5

224a39ca65fd763af0035dba780e90ad
SHA1

af2403ba5f46eba3035a3c722bdee795426c285d
SHA256

f7d9809214a3edbc0fe84f538bbe20a81751c920fd08c2541ec9759a1b5bee18
SHA512

f432dda32716387736e66b6721101b0baf8bac6c70ced0ca9502aa1364e48c65932d06990a22ffd7bc0f9f12b12e00c0b658c9bdef3f99730d85f7f061f7b47b
SSDEEP

12288:tHPaQ8cxj/PIA9M32kIQMt0Y8FTv7B/V+U3vIgu1J:t7NxrMm1rhGF4UAt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
224a39ca65fd763af0035dba780e90ad

Files

224a39ca65fd763af0035dba780e90ad
.exe windows:4 windows x86 arch:x86

ad27c5e597c753fd1f41afaea0ff61c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtReadRequestData
ZwOpenProcess

user32

GetFocus

kernel32

GetUserDefaultLangID
GetConsoleWindow

Sections

.text
Size: 478KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 379B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE