e0a39cba2617d4c9c871bde21ac3ef9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e0a39cba2617d4c9c871bde21ac3ef9d
Size

22KB
MD5

e0a39cba2617d4c9c871bde21ac3ef9d
SHA1

ee1d451bba3a9be08efeb8d0e9248b87be0385db
SHA256

733da3f780e54d53a038bebd496c566716adf2be9fa864ae621f52ec6cedd5aa
SHA512

46f2ff4ef4be5ae7905790cc79448cccdc2ce764205651c49e6da7455730b31414b2f9399f01e03ba9cfb96f211e73d8d9addb655d642646dec5720d01ad5116
SSDEEP

384:W1dL4hrWTmNH1nl3fBFXhmLGW4gAZRP4lLLBDrUf/PCUxvM:wdL211nlvTRmLpN/lLZUfi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e0a39cba2617d4c9c871bde21ac3ef9d

Files

e0a39cba2617d4c9c871bde21ac3ef9d
.exe windows:4 windows x86 arch:x86

f9233cad3b1877734626560d7fa257d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetVersionExA
GetSystemDirectoryA
LockResource
GetCommandLineA
QueryPerformanceCounter
GetStartupInfoA
TlsFree
GetOEMCP
SetStdHandle
Sleep
GetEnvironmentStrings
WideCharToMultiByte
FindClose
InterlockedCompareExchange
GetCurrentThreadId
FileTimeToLocalFileTime
GetACP
GetModuleHandleA
SetConsoleCP
VirtualProtect
ExitProcess
HeapAlloc

lz32

LZClose

advapi32

RegCloseKey
RegQueryValueExA
RegQueryInfoKeyA
CloseServiceHandle

msvcrt

realloc
wcstoul
_unlock

user32

GetMenu
IsDialogMessageA
InvalidateRect
ScreenToClient
wsprintfA

ole32

CoCreateInstance
StgSetTimes

gdi32

SelectObject
MoveToEx

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE