b976cbd6d48c11bf9ef18a3108da7e13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b976cbd6d48c11bf9ef18a3108da7e13
Size

35KB
MD5

b976cbd6d48c11bf9ef18a3108da7e13
SHA1

2c536848c1d6e7b8e637f18b34243baba04a871b
SHA256

b35d774c35d8bea8e988b50e75d5026669376f9d4988633c85ec781445f05e26
SHA512

883153ce80060d8bd9742a581380e3055572c50e38df04d897083081db7e7b5793ceb986e7b69aa645c5a662e611c9e35157aaaf9ac5eedb4f796f52ea8becf3
SSDEEP

384:I4GYYP4lehXB8WJ2H9U5enCN8rzLnVTnKn9s:I4Q4lehXLJyq5ehjMs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b976cbd6d48c11bf9ef18a3108da7e13

Files

b976cbd6d48c11bf9ef18a3108da7e13
.exe windows:4 windows x86 arch:x86

62ef6aacfc0dc68f10d547a3ebce1c7b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileW
DeviceIoControl
GetDriveTypeW
GetModuleHandleA
GetProcAddress
GetTickCount
HeapAlloc
HeapReAlloc

ntdll

_vsnprintf

ucrtbase

__acrt_iob_func
__p___argc
__p___argv
__stdio_common_vsprintf
_configure_narrow_argv
_get_initial_narrow_environment
_initialize_narrow_environment
_set_app_type
_strdup
exit
free
fwrite
getenv
memcmp
memmove
strchr
strcmp
strcpy
strcspn
strlen

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 192B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE