debdb71f15024c92520e37d1a0249786 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

debdb71f15024c92520e37d1a0249786
Size

729KB
MD5

debdb71f15024c92520e37d1a0249786
SHA1

b341b37b65060651e152a9cac7b339bb7c121ce3
SHA256

07a4236115c9e0bda527e91faa444adf47ceacbea4e799e4bc7bf09c794dde28
SHA512

8e846bc881cb36a41743fcc45143f2b74c9a7a56bfe419980e2ec30054c5edd7c54facaadd0a63484a625fb306e388ed603db68523535b211c9b82876ce8b6cd
SSDEEP

12288:KbKSDnHIAFE5DzF1UUVUOdMa3JLi779XzZt58eKpieycV74SxV9Xwd:KbzIAFE5DpyUfLi7Lv8eKDV7RV9Xm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
debdb71f15024c92520e37d1a0249786

Files

debdb71f15024c92520e37d1a0249786
.exe windows:4 windows x86 arch:x86

748e982395d3839a5dcf9f32a043dab3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
FindClose
FindFirstFileW
GetLocaleInfoA
GetVolumeInformationW
GetFullPathNameW
CreateFileW
SetErrorMode
GetVersionExW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileTime
HeapFree
HeapAlloc
GetProcessHeap
RtlUnwind
HeapValidate
IsBadReadPtr
RaiseException
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetStdHandle

msvcrt

_initterm
_iob
pow
fprintf
?terminate@@YAXXZ
free
exp
_initterm
malloc
_adjust_fdiv
exit
_CIpow
_ftol
__CxxFrameHandler
_purecall
_except_handler3

msvfw32

ICInfo
ICOpen
ICSendMessage
ICClose
ICGetInfo

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ