bc24414ca3f837ff4d60c0fbae60f9c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bc24414ca3f837ff4d60c0fbae60f9c9
Size

197KB
MD5

bc24414ca3f837ff4d60c0fbae60f9c9
SHA1

1731fe6ecacbbb21c68cd32628548c8145bda317
SHA256

48da5defe42462630aa8ed76c7422ae05d5dcc95a2bad6bfff5a26da568c1d76
SHA512

3b8410ed7b71d359a0801a0f898b21b51dc067cfa25d0f988eec28c5b948be25dc9c520a49737990cd7a74a464699396c8fcb7a071d5896177c1fcf46ec721b0
SSDEEP

3072:3OwwSKoxZv6R5AqLQatmM9i9F1rljDujwuAFTmJ/QZYdbvIjLkCNBZBhL8:BMoxZvxq8aQYiTVljDuMpO/9mFBV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bc24414ca3f837ff4d60c0fbae60f9c9

Files

bc24414ca3f837ff4d60c0fbae60f9c9
.exe windows:5 windows x86 arch:x86

f32b80a791dab2e07f23a150820934ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharUpperW

gdi32

CreatePatternBrush

kernel32

GetConsoleCP

Exports

Exports

RoamingTraiO
?ImpactDS@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@O
?JoinLower@@YG_JU_HALIGNLEFT@@U_REMOTECONTROL_SYS@@@O

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.write
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.read
Size: 512B - Virtual size: 269B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ