Static task
static1
Behavioral task
behavioral1
Sample
66640a4840629257685114506c796390.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
66640a4840629257685114506c796390.exe
Resource
win10v2004-20231222-en
General
Target: 66640a4840629257685114506c796390
Size: 220KB
MD5: 66640a4840629257685114506c796390
SHA1: 1ee6873dc5b4277c9adeb367e82b3b4be457eb49
SHA256: ebc841962f4710d9ad10b7115ce633c395810c78c777a4ff8d627b98188c6744
SHA512: b49643c212d4429e5b61fad347bedb9222b4ffa4dc3f06a1d3adc6dcc70655749e4daba5b5dd00ae0bdb11e3c49bbfabdc4d55a4db05c8b61b4b5b97dec2dda5
SSDEEP: 6144:/p7vYLsYrgLRcY58owCr+mYsA5sjrGrMQDCSd:/3JYVCrHSsjrKMQD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 66640a4840629257685114506c796390
Files
66640a4840629257685114506c796390.exe windows:4 windows x86 arch:x86
97178fa49f4fe6c1da7f5632f4af880c
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapSize
ProcessIdToSessionId
GlobalAddAtomA
TermsrvAppInstallMode
TerminateProcess
GetConsoleTitleA
FileTimeToSystemTime
DeleteTimerQueue
ExitVDM
DuplicateConsoleHandle
HeapAlloc
RequestWakeupLatency
SetFilePointer
TransactNamedPipe
VirtualAlloc
MapViewOfFileEx
GetCommandLineW
ReadConsoleA
SetEndOfFile
Heap32Next
GetTimeFormatA
ClearCommError
HeapFree
GetDateFormatA
RemoveDirectoryA
OpenThread
SystemTimeToFileTime
GetConsoleCP
SetConsoleInputExeNameA
GetProfileSectionA
ReadConsoleA
IsValidCodePage
GetSystemWindowsDirectoryA
DebugBreak
ws2_32
socket
Sections
.itext Size: - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 180KB - Virtual size: 840KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ