99ef7b4970b2c1a833a0607c020f39ca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

99ef7b4970b2c1a833a0607c020f39ca
Size

30KB
MD5

99ef7b4970b2c1a833a0607c020f39ca
SHA1

038b4c65d33adb2d90945d67db1dae9c8bb765ff
SHA256

b734d4dcd9c55ae34b050bf95e31fbdc5c7be4513293a2318d94a1c84f68e3cf
SHA512

00d4844266dd367fe39874ec90f7b303f11cd5cc3e058cccf155b6e1da3d5c9cf4f47dc4e51e09b54e7e5ce197496d95de1ff4f81cd46b1d1e7bd92440dfec8a
SSDEEP

768:xVtP+I9YeMm5ontLKastkx6spGIkjb9uMViyTjVKYc:RP++t5E+a4kx6hIkjRuMVX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
99ef7b4970b2c1a833a0607c020f39ca

Files

99ef7b4970b2c1a833a0607c020f39ca
.exe windows:4 windows x86 arch:x86

c0ca8fb524d53a294a75f3adfde9e816

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
LoadLibraryExA
GetModuleHandleA
VirtualProtect
ExitProcess
GetModuleFileNameA

user32

MessageBoxA

Sections

.data
Size: - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_rsc
Size: 160B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ