64b44263938e83f9567d2d4f527513db737f2de0a48cbe37b202317efdb39ac1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64b44263938e83f9567d2d4f527513db737f2de0a48cbe37b202317efdb39ac1
Size

290KB
MD5

076696c122d08513153e1df5c41a46dd
SHA1

27c677a65001705335a8656b056f268bb4fa0fe6
SHA256

64b44263938e83f9567d2d4f527513db737f2de0a48cbe37b202317efdb39ac1
SHA512

20077def8b80445b789df9f92bdb09e78d00f6c6fe9419ea63a8978e9f0a0371e4f6f2fea80259fb48e29497b24aaada4af71c2a5f95c83f0b715c41eaf249b6
SSDEEP

6144:RbiKbwync8pbD54ccP75PATl4HJF2VeY+eRLcDCOtNugEetEIrq75:1iYwyncK3XU2l4pF2VeYDOtNugEetEI2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64b44263938e83f9567d2d4f527513db737f2de0a48cbe37b202317efdb39ac1

Files

64b44263938e83f9567d2d4f527513db737f2de0a48cbe37b202317efdb39ac1
.exe windows:5 windows x86 arch:x86

999a42947a1eb4861dfe28d24d12f311

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\PMS\pms4\Project(20131120)\GolfProject\bin\GolfProject.pdb

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

LoadAcceleratorsW

advapi32

RegSetValueExW

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

.text
Size: 278KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE