04943200ccfc3c8930990c185b5833a928b6659795cbb72c381f59ea95da09cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04943200ccfc3c8930990c185b5833a928b6659795cbb72c381f59ea95da09cd
Size

813KB
MD5

977edf4f1ca74e975bf5dbebc3b4efde
SHA1

c33021af2d9d11bc60c3626588983047a07d5b2d
SHA256

04943200ccfc3c8930990c185b5833a928b6659795cbb72c381f59ea95da09cd
SHA512

c6eee8607686a436c24773449316f624760263db25a3bdf3ddbd96d2c67a8325fc095eab47da56956d638cab404498dda7ef9e4d5f49addca5297358a5ffe2a5
SSDEEP

12288:evhUIbRxwOpBB96xIjovFoB1eiq7ackjAobMi4U7b7ovsAgAuYtVN/ERBxLXzJR:QhUIXXB96xrFc1e77mAgRQtVN/E31F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04943200ccfc3c8930990c185b5833a928b6659795cbb72c381f59ea95da09cd

Files

04943200ccfc3c8930990c185b5833a928b6659795cbb72c381f59ea95da09cd
.exe windows:5 windows x86 arch:x86

149341a5b436cc34df7c6eceefa9f65d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
GetTickCount
GetConsoleTitleA
SetVolumeLabelW
LeaveCriticalSection
GetFileSize
FoldStringA
DeleteFileA
GetStringTypeA
HeapCreate
SetEnvironmentVariableA
GetProcessVersion
LoadLibraryA
GetPrivateProfileIntW
SetCurrentDirectoryA
OpenThread
GetCurrentProcess
EnterCriticalSection
lstrcpyW

activeds

ConvertSecurityDescriptorToSecDes
ADsSetLastError
ADsGetLastError
ADsGetObject

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 801KB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ