Static task
static1
Behavioral task
behavioral1
Sample
38ee4ff71065de5544a0f7e0880b3be9.exe
Resource
win7-20231215-en
General
Target
38ee4ff71065de5544a0f7e0880b3be9
Size
320KB
MD5
38ee4ff71065de5544a0f7e0880b3be9
SHA1
c4ad9fcdb5a3c5443ca197f020ff30469c51dcbf
SHA256
e221b71a86a211e001e2bfaea6d6b7f13042de0e4fe53c54242f9135552eee80
SHA512
c07c15e2a3989bc157e169603da7ef6573c07714480448facbad4bff1fbae3466935cff773e0e3fe97ade84d9d88faa1749e9e6c198ca4fa0b9f8b447ddb937c
SSDEEP
6144:Zibp4OcheohFyVXqMv2IGH+haJffIEbBovGthUPeW8a3kU:ZNMohFENwehMfwEbqvG7Eh7
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 38ee4ff71065de5544a0f7e0880b3be9
Files
38ee4ff71065de5544a0f7e0880b3be9.exe windows:5 windows x86 arch:x86
982edeeb58477d608d179d01b9d1f90f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
GetLogicalDriveStringsA
TerminateProcess
GetModuleHandleW
WinExec
GlobalLock
GetSystemDefaultLCID
SetLastError
GetVersionExW
lstrlenW
GlobalUnlock
GlobalFree
IsDBCSLeadByte
GetACP
IsDBCSLeadByteEx
GetDriveTypeW
GlobalSize
GlobalReAlloc
GetFileSize
rpcrt4
MesDecodeBufferHandleCreate
Sections
.text Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 1024B - Virtual size: 580B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 67KB - Virtual size: 807KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 77KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE