c68fae87fc900764ef8c2a8bffd5e90a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c68fae87fc900764ef8c2a8bffd5e90a
Size

132KB
MD5

c68fae87fc900764ef8c2a8bffd5e90a
SHA1

3a5373401b7305bbc81c3d90b78bc61ea77ab3dd
SHA256

8d3c2a30f298490ce7099b77e9763fc00093190bbe09bdc81766b77968e1e57a
SHA512

331378ee8db08feb511752d35c80a6603c3314edba2cc4eaa8d02ee663187712d690ba173cf9e14b155e6238ad88d60e4484563d38184801db72621f2fbf0d5c
SSDEEP

3072:3fHz45a23nbyZFV9oy1z/qu+GaiBN1HYE8HZTxFqBPdQ:3L45a2IFbHz/D+GagPHqZrI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c68fae87fc900764ef8c2a8bffd5e90a

Files

c68fae87fc900764ef8c2a8bffd5e90a
.exe windows:4 windows x86 arch:x86

269c5c97a359a88a3f333601cfa1f2d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
ResumeThread
SystemTimeToTzSpecificLocalTime
SetConsoleCP
VDMConsoleOperation
lstrcat
GetConsoleFontSize
GetMailslotInfo
GetProfileSectionA
EnumTimeFormatsA
GetCommandLineA
GetStartupInfoA
ExitProcess

ntdll

RtlZeroHeap
vsprintf
NtLockFile
strstr
NtReplaceKey

Sections

.edata
Size: 4KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.adata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Weijunli
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ