235eef1872c80d4a374aa130d59a1407 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

235eef1872c80d4a374aa130d59a1407
Size

27KB
MD5

235eef1872c80d4a374aa130d59a1407
SHA1

1f07734c851da449eb148760cffa3b85d8ce0938
SHA256

31db79fbc5c2e77d1ac3ea1ee9e6438ad83c672e3341f3d939b7c5f3ebf1e8aa
SHA512

19ecfb38ec09c3554e3ee6de855d1eaa46e4d436a2db681b70c1120446ff0ca56ebda5de574ec1479e144b5ee8d1c66ca72d4d31df5825285e43350e754392c9
SSDEEP

384:ZMc+FUyDctXqyu3UgVMmlYB3GCAQFYlludStynVIcHX:gUwcgy4UNGCAyYllMStAIcHX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
235eef1872c80d4a374aa130d59a1407

Files

235eef1872c80d4a374aa130d59a1407
.exe windows:4 windows x86 arch:x86

e5a66515e9d7ae5221dc7b1ac10810b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SizeofResource
FindResourceA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
VirtualProtect
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
LoadResource
GetACP
GetCPInfo
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
IsBadWritePtr
HeapReAlloc
VirtualAlloc
WriteFile
VirtualFree
HeapCreate
HeapDestroy
GetFileType
GetOEMCP
LockResource
RtlUnwind
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ