960c91645183e1207fffa9ed12221baf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

960c91645183e1207fffa9ed12221baf
Size

48KB
MD5

960c91645183e1207fffa9ed12221baf
SHA1

d0325bce5bbf94163f7bad905c146efc516445f9
SHA256

0291cf15574f604b8e8383136718f23f34950c1d0542cd3afbd206a1bfaa7930
SHA512

89228f00e2c4375b0bc6c6ccbd9b0bc56a794bb67ca72720c920961d65de8ed4aae21d9034d444ae31dc3b1c6af0747c4379de929de91308f582fb7ebee106a9
SSDEEP

768:4D5eG4wNcfmhXk2YPQxrwMkZXZq4FdHKHD1EeAjZ+uKFTl/H+F1rtVMr0St1uout:oeG461j0ErDWKj1EdjZ+tpv0M1tzuM38

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
960c91645183e1207fffa9ed12221baf

Files

960c91645183e1207fffa9ed12221baf
.exe windows:4 windows x86 arch:x86

c41f7d71fa462557f9ee2ef66e393a4c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToLocalFileTime
SetEvent
LocalFree
MulDiv
GetEnvironmentVariableA
WriteConsoleW
DeviceIoControl
ReadFile
GetModuleHandleA

msvcrt

_XcptFilter
rand
_vsnprintf
_except_handler3
_strnicmp
fseek

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE