98880f82b2f85adbd1f4f549a60d2eb2 | Triage

Sharing

General

Target

98880f82b2f85adbd1f4f549a60d2eb2
Size

83KB
MD5

98880f82b2f85adbd1f4f549a60d2eb2
SHA1

a6065736bc57226568c93e236e589531e4ba2a44
SHA256

97bddecc82196c929bab76c3fc843db9aef1d2cb12a81ac407b6054928826b73
SHA512

bb7675ba1a2a5cb3fe27d9cfcc77baaeabce8cdaae3ebae01d80dd20f204ddaf6ad27c9a4a5d77f30b59c4e4f4a2e9326ae408cd80e361bd98f41c2023fdee7a
SSDEEP

1536:L0pO5oOR51oI9sTWheEdBNgz4PH6kHUDb4jEErxTWDTMqhGKYIZTET8bDQ:Foa51NIWheE3Ng0P6y/jBkMqhGKZTbbc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98880f82b2f85adbd1f4f549a60d2eb2

Files

98880f82b2f85adbd1f4f549a60d2eb2
.exe windows:4 windows x86 arch:x86

5d590d1e39bd447049735e2f0821149c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
CreateConsoleScreenBuffer
EnumTimeFormatsA
CopyLZFile
LZRead
InterlockedDecrement
BaseQueryModuleData
DebugActiveProcessStop
lstrcmpA
_hwrite
RaiseException
OpenWaitableTimerA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 27KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE