98d90e2c2ba226b96394eebfb0e49799 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98d90e2c2ba226b96394eebfb0e49799
Size

335KB
MD5

98d90e2c2ba226b96394eebfb0e49799
SHA1

c6ed792c7ef4f99ab16d5d33bf07d03f0f6ffd7b
SHA256

7916dfeb4da2256692570102ed081178952a02669c6df7f24dd14e2484671601
SHA512

c2b8cb562cdc806f1c631dfe186d2e411f672a60c3642f2854d3c4f195e8801991ab124b2913d2347e5bf0681cb6afe0a7d766c68d6d584614d61b322338a6b9
SSDEEP

6144:PKd7unmKMoKXuIcFFzKkwZgT6d2yj1BOV+403BFaVzvrr6f8JJat:PK8m7oGc7m8T+Om37iifOW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98d90e2c2ba226b96394eebfb0e49799

Files

98d90e2c2ba226b96394eebfb0e49799
.exe windows:4 windows x86 arch:x86

b641d2a7f1db5b888dc4698149e324a2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
VirtualProtect
GetCommandLineA
GetVersion
InterlockedCompareExchange
Sleep
InterlockedExchange
GetProcessHeap
HeapFree
RaiseException
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetModuleHandleA
GetStartupInfoA

rpcrt4

RpcStringFreeW
UuidFromStringW

msvcrt

exit
__CxxFrameHandler
_except_handler3
_wcsicmp
wcsstr
free
_XcptFilter
_initterm
_amsg_exit
_onexit
_exit
wcschr
_acmdln
__getmainargs
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 302KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ