2399c60794a5668ae97e91f0aa69fdb3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2399c60794a5668ae97e91f0aa69fdb3
Size

216KB
MD5

2399c60794a5668ae97e91f0aa69fdb3
SHA1

1f4b59359ecdc875789bf2c59f3be135a61ac391
SHA256

e0933251c048b3b32826aa186ea770430606ae509faa24c6eebd9d3fd07939c3
SHA512

4bf9950af2612f972965308982befa4a414d80bd2d0419ddfe4939a49ef9d83944ae748081f6187d82e583b1bad17328825a76b51f3ca5ad9e164442ebd5f7e5
SSDEEP

1536:smRrMSmlDJXDzyN0RwK6v6krYMnP2vd44tvoyEzGHF34gHmrLycITF5xpINPg:s4MSGXDmOOtPM2Kovk48m/C5X2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2399c60794a5668ae97e91f0aa69fdb3

Files

2399c60794a5668ae97e91f0aa69fdb3
.exe windows:4 windows x86 arch:x86

5a5720fa7123f63a4a0b27ac1d4f168f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LZCopy
GlobalFree
OpenEventA
VirtualAlloc
VirtualQuery
GetLocalTime
GetFileSize
lstrlenA
WriteProcessMemory
MapUserPhysicalPagesScatter
WriteFile
ReadConsoleA
GetCurrencyFormatA
GetProcAddress
GetLocaleInfoA
GlobalHandle
GetCurrentProcess
SetConsoleInputExeNameA
OpenMutexA
SetEvent
SetLocaleInfoA
GetTickCount
FillConsoleOutputAttribute
CompareFileTime
FindNextVolumeMountPointW
ReleaseSemaphore
TerminateProcess

wininet

HttpQueryInfoA
InternetOpenA
HttpSendRequestA
FindNextUrlCacheEntryW
InternetOpenUrlA
InternetConnectA
HttpOpenRequestA

Exports

Exports

GetBvotcomgcu
OpenXgloiwaf

Sections

.rtext
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 204KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ