8997d2c0a820289f23e69d3023086e32 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8997d2c0a820289f23e69d3023086e32
Size

35KB
MD5

8997d2c0a820289f23e69d3023086e32
SHA1

6f93d9b3a5185b17e382e40d53cc086097f725c6
SHA256

7de23ed36722581eee63181d7cec8a95332b55092c5316568a9b6f25b5329653
SHA512

9a655ebff8a761a475743eed63c6edb0b541ef1aa5bd46019abc10f51214b6909aac563160c1edfcb79713eb8a60efc65a237bb40faf769122b2d5ec4ff1da18
SSDEEP

768:mRB5C5NwA8/9nqqttLiM0T7CdtjtjNx21HJd:mR/C3wA8xqGtSfSRk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8997d2c0a820289f23e69d3023086e32

Files

8997d2c0a820289f23e69d3023086e32
.exe windows:5 windows x86 arch:x86

0633b9738e8b8ac6e8f7419b0dd18713

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedDecrement
InterlockedIncrement
GetConsoleOutputCP
SetEvent
LocalAlloc
InterlockedExchange
GetThreadLocale
ResetEvent
GetCurrentThread
Sleep
GlobalReAlloc
GetTimeFormatW
SetConsoleCtrlHandler
VirtualProtect
DeviceIoControl
DeleteFileA
GlobalLock
lstrcpynA
WaitForSingleObject

ntdll

RtlTimeToTimeFields
RtlDecompressBuffer
_alldiv

ulib

?PutSeparators@ARGUMENT_LEXEMIZER@@QAEXPBD@Z
?Put@ARRAY@@UAEEPAVOBJECT@@@Z
?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z
?Initialize@ARRAY@@QAEEKK@Z
?Initialize@FLAG_ARGUMENT@@QAEEPAD@Z
?Initialize@WSTRING@@QAEEPBGK@Z
?Get_Standard_Input_Stream@@YGPAVSTREAM@@XZ
?Initialize@PATH_ARGUMENT@@QAEEPADE@Z

msvcrt

__setusermatherr
strncmp
??3@YAXPAX@Z
time
atoi
rand
wcscpy
_controlfp
__mb_cur_max

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE