966e0859dd8c581c7dd4380ad1d3cd20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

966e0859dd8c581c7dd4380ad1d3cd20
Size

83KB
MD5

966e0859dd8c581c7dd4380ad1d3cd20
SHA1

8f788320f4ad6d030fc3a1e3dd6f23531f1e8d99
SHA256

b09f96f5e2ba1f4d33e58eba9ca1a569975254ba75fe5c6303a59923b6b9859d
SHA512

d70f2f42603f9a859cfc01586d3034acab197fe3eec413b18a9159ecc949fbf81325dd5957e938240f34f7da6de6341085302d18852995c14630a8a7df1141dd
SSDEEP

1536:NL3rhdlgLsDyuXkTWRz6WV4/3PEEdqiXrUJ+TCmUGjEErxTWDTMqhGKYIZTET8bc:Nztdlm7EJ4/BdqdJ+TVUGjBkMqhGKZTE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966e0859dd8c581c7dd4380ad1d3cd20

Files

966e0859dd8c581c7dd4380ad1d3cd20
.exe windows:4 windows x86 arch:x86

1293c4d09fb05e4b40173925bd83d6c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleScreenBufferSize
SetErrorMode
GetUserDefaultUILanguage
SleepEx
GetVolumePathNamesForVolumeNameA
GetProfileStringW
SetPriorityClass
GetCPInfo
GetHandleInformation
EncodePointer
SetConsoleCommandHistoryMode

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE