96265b5fbfcca2a6c19b9f086fd1e75f | Triage

Sharing

General

Target

96265b5fbfcca2a6c19b9f086fd1e75f
Size

519KB
MD5

96265b5fbfcca2a6c19b9f086fd1e75f
SHA1

09695fb94eeb88d403e50779a99b9a4d19567e30
SHA256

0e552aa2b1f6f37d6e5702181d1f7945e621a71cb44c757cabfdb775a1230925
SHA512

d6952f337d253c617d0b950b904ec37a22bb79fbae3f0aba4563c8b1e6842642bb4321a9961b915cf7a0fbf5b9a8270812a6cb8d816c778e74ed89929b689f35
SSDEEP

12288:kPJs6A7TTUSiS11UWUSkf7LbJyK1x51j65SxNm+:mJsDTUV81UW9i3bj6oxU+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96265b5fbfcca2a6c19b9f086fd1e75f

Files

96265b5fbfcca2a6c19b9f086fd1e75f
.exe windows:5 windows x86 arch:x86

a725bba6e993990814623754bb0d61ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

log
__argc
_flushall
realloc
is_wctype
feof

ole32

ReadClassStm
OleGetAutoConvert
CoRevertToSelf
CoGetInstanceFromFile

kernel32

GetLocalTime
GetEnvironmentVariableA
GlobalDeleteAtom
GlobalFindAtomA
SuspendThread
LocalUnlock
GetNamedPipeInfo
PostQueuedCompletionStatus
WriteTapemark

advapi32

ReadEventLogA
GetSidLengthRequired
GetSidSubAuthorityCount
ConvertAccessToSecurityDescriptorW
QueryServiceLockStatusW

gdi32

SetFontEnumeration
GetObjectType

Sections

.text
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.init
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ