210dcfdb53d2bb54254e863aacf6d81b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

210dcfdb53d2bb54254e863aacf6d81b
Size

60KB
MD5

210dcfdb53d2bb54254e863aacf6d81b
SHA1

755d7864a9609c8cd30d69b8748f874a7c92ff06
SHA256

86abb0f9763841ff5fcb80207c026eb5f05a690380804f22d7d3b31c1a71f1ac
SHA512

3bee5bbd501b53d9754b11ba3f96ec902af9a2fd786a56b1115997409ca4d9eb95c32418288d20e99357fb48aa9772a33a48ff6f197e34d777073df540a24f4f
SSDEEP

768:AEtPPwcB3yx4H9LaS7WHrD/jF9sCLZlcyBxgSNHgpopqOufRcTfpodq/XS:AkPPAmSL1B/fNkocOYcTxfS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
210dcfdb53d2bb54254e863aacf6d81b

Files

210dcfdb53d2bb54254e863aacf6d81b
.exe windows:4 windows x86 arch:x86

7aff61957b6d946589eaa1d759da1f79

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
GetFileAttributesExW
GetProcAddress
FindNextFileW
GetPrivateProfileStringW
FreeResource
CreateProcessW
FileTimeToSystemTime
FindClose
DeleteFileW
CreateThread
GetFileAttributesW
GlobalDeleteAtom
GetDriveTypeW
ReadProcessMemory
LoadLibraryA
QueryDosDeviceW
GetCurrentProcess
GetFileSize
GetCurrentProcessId
GetVersion
ReadFile
GetModuleFileNameW
SetWaitableTimer
WideCharToMultiByte
MultiByteToWideChar
GetCurrentThreadId
CancelWaitableTimer
CloseHandle

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE