860ec79bb4bab15c854fa8ed9aea12df | Triage

Sharing

General

Target

860ec79bb4bab15c854fa8ed9aea12df
Size

83KB
MD5

860ec79bb4bab15c854fa8ed9aea12df
SHA1

afa68d246c4d2bf67b1da8d9b67e64870130ec81
SHA256

59a6827796c46b02806c56f497cb9a1364ac87e6576d66e4bc552f5a866aee5e
SHA512

9a8d0125b61832d44db769549c57b18b3ba4760dce5fdc3419a09b412d97347117459a17cd5b20eb67a1a967866dd67cc60b70409cc132b1951c7385a28036cd
SSDEEP

384:W6U/g5hOn+qX6fTXlusudD2eZw/6Z3K4Db0l:tUmhOnDYTzWzBhal

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
860ec79bb4bab15c854fa8ed9aea12df

Files

860ec79bb4bab15c854fa8ed9aea12df
.exe windows:4 windows x86 arch:x86

38a3d1f8f213ed99932405c0188d7363

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
GetLastError
GetTimeFormatA
MapViewOfFile
RtlUnwind
Sleep
TlsGetValue
UnmapViewOfFile
VirtualAlloc
lstrcpyA

msvcrt

_stricmp
exit
rand
_exit

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ