248a1078b1dff82260746fe4bfa1bf05 | Triage

Sharing

General

Target

248a1078b1dff82260746fe4bfa1bf05
Size

63KB
MD5

248a1078b1dff82260746fe4bfa1bf05
SHA1

4a3c80b4ddd747a9cf2c0dee81bfdd4eed874015
SHA256

4c9807812aa2856da57e2d1d0e8511d9fe5bbeb7bb6c2981008152d2726a1cb0
SHA512

220710baa88137156095474142b0e240670c26a988e737241e0ea5d4aadb3eaae9a4c9ed42a45d106da9d7b27ebfc8acf970e9ad1ce2a86dd330204fd6aefd5a
SSDEEP

768:AIASdoN+bTSyJK8U+5JcMQe3k5ZxciocvWDpA7ruowPd6HxHu3xqyTb+JP0uGv51:QYFFXJi5KpxzcKqPvGECJ+lmAmojrenf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
248a1078b1dff82260746fe4bfa1bf05

Files

248a1078b1dff82260746fe4bfa1bf05
.exe windows:4 windows x86 arch:x86

3b4269e5665ae1cf7c4693f5d0850566

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RestoreLastError
GlobalAlloc
GetPrivateProfileSectionW
GetTempFileNameA
LoadLibraryExW
VerLanguageNameW
DeleteCriticalSection
GetNativeSystemInfo
FreeResource
GetDriveTypeA
VirtualProtectEx

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 49KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE