89ccf5e646f07c76c3b5c393fc7eacc4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

89ccf5e646f07c76c3b5c393fc7eacc4
Size

5KB
MD5

89ccf5e646f07c76c3b5c393fc7eacc4
SHA1

fd3debd8404b90d1497c7c4a8b5c399200df8b8f
SHA256

01268a0b471007a26177b7513c9fe03aa31f533bb99cc1bd814903d388cbf49f
SHA512

14be04fa7c135543b32e39a09e90cef1e5928374cbc10ff654d4617d4c42ba8d5bf820c7d9e7a09ca7820209de414ab3b11dd9d88ba9269f055ea56c2f111400
SSDEEP

96:gyBEcfAMqEVj7m/RZJL/cfFgGX5g7sLhz:7BEcfz//MUFgw5g7sLhz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89ccf5e646f07c76c3b5c393fc7eacc4

Files

89ccf5e646f07c76c3b5c393fc7eacc4
.exe windows:4 windows x86 arch:x86

fa98c0705d15d69aea1be01cbea3736b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableA
SetComputerNameW
EnumResourceTypesA
BuildCommDCBW
GetConsoleAliasExesA
GetAtomNameA
WriteProfileSectionA
GetEnvironmentVariableA
GetConsoleAliasesLengthA
CreateWaitableTimerA

user32

GetClassLongA
RegisterDeviceNotificationA
SendNotifyMessageA
CreateWindowExA
TabbedTextOutA
FindWindowA
TranslateAcceleratorA
GetWindowTextA
EnumDisplaySettingsW

gdi32

DeviceCapabilitiesExA
CopyEnhMetaFileW
StartDocA
CreateEnhMetaFileW
EnumICMProfilesW
GetKerningPairsW
CreateScalableFontResourceA

Sections

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1024B - Virtual size: 794B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 1024B - Virtual size: 891B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ