8982abbf530b84cc9fdcc8181f84ee77 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8982abbf530b84cc9fdcc8181f84ee77
Size

56KB
MD5

8982abbf530b84cc9fdcc8181f84ee77
SHA1

b06fec08e6a655fb7f7c0a228238695aed6110f6
SHA256

a3c534a8a43b066b951bb7f27337c0c62fde1b9a756f8caec9fa97540141aaa4
SHA512

f99b259e3408294d518e7054816d01fe635fe92eeb59ba042233c2aea280542d567b91a5011a531a016be5b101d15db49faf91be770b8ae5f41bb9b0b54e89ed
SSDEEP

1536:dR9tieuC08bhtw8g0ihzFhw9AtnHxBA6FQZ1FJmk:dLtid8fJRi5wStnRK6Snmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8982abbf530b84cc9fdcc8181f84ee77

Files

8982abbf530b84cc9fdcc8181f84ee77
.exe windows:4 windows x86 arch:x86

bee8c43786c3303663dbce458346fc62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenJobObjectW
SetTimerQueueTimer
GetBinaryTypeA
RegisterConsoleVDM
GetProcessHandleCount
ReadFile
GetCurrentDirectoryW
VirtualQuery
IsDBCSLeadByteEx
TlsFree
LocalUnlock
SetTermsrvAppInstallMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE