899da555de99ca11cbf1141a3244003f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

899da555de99ca11cbf1141a3244003f
Size

56KB
MD5

899da555de99ca11cbf1141a3244003f
SHA1

428e3c6c950ef2b4bcddf89bdcba35ae5a658362
SHA256

99b6b9bf13b96379507e633afb6eaf1d1b6e6a66a580ae936d2b6a415767d5ad
SHA512

10ba74df3ace35d4dfc561ec73b31635afc584e78383ccfcca0d8e50ebf73e4dc39e7d8a64b8be947edc4f88cfa0a3f632e5b17d3106c4521c2af7938d188443
SSDEEP

1536:DxuqUZ06yWs40oTkVuufip3nGphnfuV7kmgeYleF1:DC0gs4/8uoip3khmJk2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
899da555de99ca11cbf1141a3244003f

Files

899da555de99ca11cbf1141a3244003f
.exe windows:4 windows x86 arch:x86

115d9b04c0b3e20cdfb74715ce1363fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReplaceFile
InterlockedIncrement
GetTickCount
GetDefaultCommConfigW
EnumResourceNamesA
CreateMailslotW
WaitCommEvent
DeleteAtom
SetLocaleInfoA
DnsHostnameToComputerNameW
GetBinaryTypeW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE