11a911f962175202cf1cf714b4d50bfb50d1a1e27a4085fc775d02b3ac365a7f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11a911f962175202cf1cf714b4d50bfb50d1a1e27a4085fc775d02b3ac365a7f
Size

150KB
MD5

b535d5cac108766317eeb15ed57ef69a
SHA1

a56b247cc0dd3965fb336b264ecc48cbecc0baab
SHA256

11a911f962175202cf1cf714b4d50bfb50d1a1e27a4085fc775d02b3ac365a7f
SHA512

771fe00aa784c132f7ad294ef194c01b62b4e04c0807ad3c53e2eabcd2d86c1da40e57061f8aeed22d87c4f3df32dbd23fc246a07b62d5d55d984e41d33dd88c
SSDEEP

3072:38iPF5VGEK02g5FcMLKNXwSIWcGJ9ckhrrpYFgaQCny5bJHlfX9BrEEh:9PF5FHtIX8VGJ9c2rp70QdHVtBrEEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11a911f962175202cf1cf714b4d50bfb50d1a1e27a4085fc775d02b3ac365a7f

Files

11a911f962175202cf1cf714b4d50bfb50d1a1e27a4085fc775d02b3ac365a7f
.exe windows:1 windows x86 arch:x86

efc228e650a63f4871e864dc32a803ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

kernel32

GetLastError
GetModuleHandleA
GetProcAddress
CloseHandle
RtlUnwind

user32

GetCursorInfo

crtdll

__GetMainArgs
exit
raise
signal

ulib

?Initialize@ARGUMENT_LEXEMIZER@@QAEEPAVARRAY@@@Z

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 40B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 724B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc2
Size: 477B - Virtual size: 477B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE