900a3bc0a598a343c928eaa18878a54a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

900a3bc0a598a343c928eaa18878a54a
Size

879KB
MD5

900a3bc0a598a343c928eaa18878a54a
SHA1

9174a2fbd7177b2d69c3c7f6b0fe6e92bd3386d9
SHA256

55ffac125f1eea6fcedff44defb34ee11ec225cbfcdf778e3883047294d97733
SHA512

a746a98a4a70eeb8e78ba26171c0d114928fcb30198c79816ef373aa0f7cdac7a438643e6802c5adf407593e3d82db9405221e9e204fe63da5d9f2791652dbe7
SSDEEP

24576:qL5s/Ji5FSaMg3T7RxkfaRhgoUr1T9iV8y:1/JeSHgjVxkzrJ9iVN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
900a3bc0a598a343c928eaa18878a54a

Files

900a3bc0a598a343c928eaa18878a54a
.exe windows:4 windows x86 arch:x86

1ff5a09c7139064bd99501b2b8049220

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeviceIoControl
CloseHandle
CreateFileW
LocalFlags
GetConsoleTitleA
CloseHandle
GetCommandLineA
DeleteFileA
lstrlenA
HeapCreate
CreateFileMappingW
IsDebuggerPresent
FindClose
Sleep
GetModuleFileNameW
LocalSize
GetFileTime
GetDriveTypeW
GetModuleHandleA
GetStartupInfoA

user32

LoadImageA
DispatchMessageA
CallWindowProcW
BeginPaint
DispatchMessageA
DestroyWindow
IsWindow
DestroyMenu
GetIconInfo
PeekMessageA
DrawTextW
IsZoomed
GetWindowLongW

dpwsockx

DPWS_GetEnumPort
DPWS_GetEnumPort
DPWS_GetEnumPort
DPWS_GetEnumPort

imagehlp

ImageUnload

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 872KB - Virtual size: 872KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ