c97d5cbbf72f80c3b9eb1308909b2fd4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c97d5cbbf72f80c3b9eb1308909b2fd4
Size

88KB
MD5

c97d5cbbf72f80c3b9eb1308909b2fd4
SHA1

f4297e24c7e85d730ed7670a78a651a8fdfd848f
SHA256

f1a9993be9af933fa4db243ffea09df4e31d2c30c602ea75fd03f16cd8a0dbf6
SHA512

aeaa7e4346b9971f2ba261c8f59ac6ffb24dc3ed181be473d96b02a89a163e462e48c4127f81e4199b178b5ed704a969135c0a30d2816c88fc08aac176455fc9
SSDEEP

1536:u4tJT2JER64AUUMtnmgFOtx9nToIflIOlIOudnoi:ntJaJ9bUDxF2DTBfvvu1o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c97d5cbbf72f80c3b9eb1308909b2fd4

Files

c97d5cbbf72f80c3b9eb1308909b2fd4
.exe windows:4 windows x86 arch:x86

93bd6c3bf6d1f48799ee30b08e3159a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetWindowsDirectoryA
ExitProcess
TerminateProcess
GetCurrentProcess
HeapAlloc
HeapFree
GetCommandLineA
GetVersion
GetLastError
CloseHandle
WriteFile
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
FlushFileBuffers
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
RtlUnwind
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
GetProcAddress
LoadLibraryA
SetEndOfFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
DeleteFileA

advapi32

OpenSCManagerA
CreateServiceA
CloseServiceHandle
StartServiceA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE