d9c492874bce1866489efd19cd77bb98c766364519dbc4b609ec8d0d96645fe8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d9c492874bce1866489efd19cd77bb98c766364519dbc4b609ec8d0d96645fe8
Size

9KB
MD5

dd51b7493ba47c2a8ad831214640c86e
SHA1

23223e46786f1165d03fd88b615669d6ab9ad2fa
SHA256

d9c492874bce1866489efd19cd77bb98c766364519dbc4b609ec8d0d96645fe8
SHA512

0a61bedc1037279b19f36655fe6764be8fd3fd36ee6c1154c1699f3825fd3f83c59e1e30a2053287ab03ae4333fc7e9fc01d67d3460c3653146a074c06cceaf1
SSDEEP

192:1VfaSsEkoENFIojld8nNI3yuRgBt3+fsGBfuhAyQno:1oSPpEjIo4yHR4Puuhino

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d9c492874bce1866489efd19cd77bb98c766364519dbc4b609ec8d0d96645fe8

Files

d9c492874bce1866489efd19cd77bb98c766364519dbc4b609ec8d0d96645fe8
.exe windows:4 windows x64 arch:x64

a6eb24ab07c7fb063dd851c88171f9d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvcrt

atoi
strlen
malloc
sscanf
clock
printf
memset
strcpy
strcat
memcpy
__set_app_type
_controlfp
__argc
__argv
_environ
__getmainargs
exit

kernel32

Sleep
GetModuleHandleA
GetProcAddress

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ