88440463d9db0a3ff90857dd698498ed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88440463d9db0a3ff90857dd698498ed
Size

1.0MB
MD5

88440463d9db0a3ff90857dd698498ed
SHA1

a9d49e05cbfb3c1d51fe0a8dee9112c6882b8a72
SHA256

5ab7a1cd7dd32ca8861e5cf4015ffc03532221783235ef533c214e23919b770f
SHA512

d389d9310e743c5e52957d3cb363d88229fd9170218b17c5999981bfb652df33fed78aee826456331ec34de5ee7bb75b09fe637f9d90d08dcf57f9ec8a0bf08d
SSDEEP

24576:F7azi+JOXv/iz7jDwtMIVSMuSgO/ed6/lY:FuxMXv/iz7jDwX3gOn6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88440463d9db0a3ff90857dd698498ed

Files

88440463d9db0a3ff90857dd698498ed
.exe windows:4 windows x86 arch:x86

b0aa2f54cfde4a19a964518085c53ce0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetProcAddress
LoadLibraryA
GetVersion
lstrlenA
CloseHandle
lstrcatA
GetFileSize
GetTickCount
GlobalFree
GetVersionExA
Sleep

msvcrt

wcschr
__p__commode
toupper
_controlfp
_except_handler3
wcstoul
_XcptFilter
_c_exit
__getmainargs
_exit
__CxxFrameHandler
__set_app_type
_adjust_fdiv
exit
memmove
_acmdln
__p__fmode
rand

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 982B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 481B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1019KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ