Static task: static1
Behavioral task: behavioral1
Sample: 802cc4f10309e7f375b3b3030e137337.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 802cc4f10309e7f375b3b3030e137337.exe
Resource: win10v2004-20231215-en
General
Target: 802cc4f10309e7f375b3b3030e137337
Size: 132KB
MD5: 802cc4f10309e7f375b3b3030e137337
SHA1: 8fbecc57609f6d5a830fe011e0cc4f96accbd252
SHA256: 79e79b2325a13723a114915274b0135c1ff6443a3ee39a2067ca45358532f22b
SHA512: 5cd8b3d1e573f65aded11fbbf9ea61a0840859cb85ccd16af4212d29961d2e69d223b10b0357f71dc99b795a253ce27a3eb5bdeb788ea6ceb2f5b6328330a8bd
SSDEEP: 3072:6hh0HPtgj7JTM+RQBMakyal9VbUx/pHdBeS0RQer:6LIuaOQBMakymjYx3n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 802cc4f10309e7f375b3b3030e137337
Files
802cc4f10309e7f375b3b3030e137337.exe windows:4 windows x86 arch:x86
a590d0a4f82ecad83145b0637d054ec9
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
ResumeThread
GetSystemTimeAdjustment
GetCommProperties
GetNamedPipeHandleStateA
SetMailslotInfo
QueryPerformanceFrequency
GetConsoleFontSize
TransmitCommChar
SetTapePosition
GetCommandLineA
GetStartupInfoA
ExitProcess
ntdll
RtlZeroHeap
vsprintf
NtLockFile
strstr
NtReplaceKey
Sections
.edata Size: 4KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.adata Size: 116KB - Virtual size: 116KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Weijunli Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ