Static task
static1
Behavioral task
behavioral1
Sample
c74edf663f9f562699971242912b0855.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c74edf663f9f562699971242912b0855.exe
Resource
win10v2004-20240226-en
General
Target
c74edf663f9f562699971242912b0855
Size
1004KB
MD5
c74edf663f9f562699971242912b0855
SHA1
9dd44f3ea128a5e03b0d4e00ada67f585888bd74
SHA256
d48b7d489024a6cb46dd6c9abbd8b4a9fafd92e7c1fbbaa5abe7371137938ad9
SHA512
d30b6b93313428389feb91687889a7195ec59179c7961b6953344c0bb691b48269133a4a4a6213d8ddef31b6d577b05922e0cdda8ad3d249e9a3f2f9e7e02ce2
SSDEEP
24576:qU6lsYgeIE+R36b8U67J6OAaAqKm79u4v7R6EHK:qBNO//3R+ajK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c74edf663f9f562699971242912b0855
Files
c74edf663f9f562699971242912b0855.exe windows:3 windows x86 arch:x86
d581af1da504c0ae28eeaac6d1498519
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenThread
HeapDestroy
EncodePointer
InterlockedIncrement
ConnectNamedPipe
GetLocaleInfoA
GetModuleHandleA
CreateNamedPipeA
GetSystemDefaultLCID
IsValidLocale
RtlFillMemory
HeapAlloc
GetProcessHeap
HeapFree
OpenEventA
GetCurrentThreadId
ExitProcess
WriteFileEx
HeapSetInformation
ResumeThread
ReadFile
DecodePointer
CreateFileA
SetFilePointer
RtlMoveMemory
ConvertDefaultLocale
GetLastError
HeapCreate
InterlockedDecrement
Sections
.text Size: 726KB - Virtual size: 728KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 269KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.resrc Size: 7KB - Virtual size: 516KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ