d599c4cd821b8b1a67ab06f133748108 | Triage

Sharing

General

Target

d599c4cd821b8b1a67ab06f133748108
Size

1009KB
MD5

d599c4cd821b8b1a67ab06f133748108
SHA1

09849732df5f6cc949c03e579cab51413b17352b
SHA256

817f232b5de404237fc8686afa567a2c2d69474536f5760ee7b764ae6faf27ed
SHA512

02d298504ad045e7f8c46125d34ba657443b4117e481a94253244ffdd4a8735e68f3ab02ba4d5514c7d863a16e5a17b8c56eb36ec4f4607e96fc4c32c0cfa0d4
SSDEEP

12288:KNFf166/jmATKjuGwKawR0Lonk1ccs5zzW20YS356JmykQW5azmi21lyNgLR/qFm:KTzQ6Ehygk2ZutYS8Jmyb216q+MsZr+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d599c4cd821b8b1a67ab06f133748108

Files

d599c4cd821b8b1a67ab06f133748108
.exe windows:4 windows x86 arch:x86

de557cb6dca70b6c3b56579179718b9b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

OleIconToCursor
VarI1FromUI1

kernel32

ExitProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
InterlockedIncrement
MultiByteToWideChar
TerminateProcess

Sections

.text
Size: 874KB - Virtual size: 873KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.version
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ