279c7f50036771a158016679c654bde3 | Triage

Sharing

General

Target

279c7f50036771a158016679c654bde3
Size

58KB
MD5

279c7f50036771a158016679c654bde3
SHA1

5356e86b6054c9c3d23e40daf14d415ff2190f4e
SHA256

cb1d69893ff31237eca0aa822153fd3ad533c6075d15e6520f1c9a05395badfc
SHA512

7e5c006acce3278a2dfb560195480e2eed7d2394d82ace9ff5078d0afb8b1431ff2048367f4be5b67f1c8ea0660845a93e21e5bd9f2dbe7b03e6cadbc30baa65
SSDEEP

1536:xvwZTyhLlwF+dxYvGMTLM0+E5JT44dzZ:xYZTwd5QLqOvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
279c7f50036771a158016679c654bde3

Files

279c7f50036771a158016679c654bde3
.exe windows:5 windows x86 arch:x86

2921615adfbb658d6aa0f35720b8f430

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetFileSize
HeapAlloc
HeapFree
GetProcessHeap
WriteFile
Sleep
ReadFile
GetTempFileNameA
LoadLibraryA
GetModuleFileNameA
CloseHandle
GetTempPathA

Sections

.text
Size: 512B - Virtual size: 334B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ