e212b62b8ff799be2f73210d75bc64fc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e212b62b8ff799be2f73210d75bc64fc
Size

135KB
MD5

e212b62b8ff799be2f73210d75bc64fc
SHA1

7e5558eb686eba2ea4d1e0ea44d8434c691f3446
SHA256

c2655fc14433353c05c0cde72d341f9aa84ba84fe88bce95adc568c572929d18
SHA512

b6b5e7c87c9e7a2cb16b02dd7d3ebf6d288db8129ef1ceae89c05db3bcfd6489ba2cf92bd8795b03988f2cef327d341a459b2fccb96c52120b278d122ada9cd0
SSDEEP

3072:83P57SYnZY6HFetjBMAe42dTTm98GHgAehnWZQLwpPeC:APjY6CepTTsTHgAep64w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e212b62b8ff799be2f73210d75bc64fc

Files

e212b62b8ff799be2f73210d75bc64fc
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

c5ead989089180e2305f9639f44cbe25

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleacc

LresultFromObject
CreateStdAccessibleObject

kernel32

WriteFile
FindClose
SuspendThread
EnterCriticalSection
GetLastError
DeleteCriticalSection
FreeEnvironmentStringsA
GetSystemTimeAsFileTime
FindFirstFileW
SetEndOfFile
InitializeCriticalSection
SetFilePointer
EnumResourceNamesA
GetStartupInfoA
ExitProcess
GetLocalTime
CloseHandle
ReadFile
Sleep
LeaveCriticalSection
CreateThread
LoadLibraryA

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ