f885a89c8a93c912d7e999cc43f6894d7b7df05b795f990dbfd366f92f0d255d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f885a89c8a93c912d7e999cc43f6894d7b7df05b795f990dbfd366f92f0d255d
Size

32KB
MD5

51bfb34d51e01920e229acd8737ef67e
SHA1

36ada8db9cdb2dba79d97dea23122bdae1af773f
SHA256

f885a89c8a93c912d7e999cc43f6894d7b7df05b795f990dbfd366f92f0d255d
SHA512

267db79765d3aa3766c7acb3e117a32687b44415b6c8363c7e7b0d4260dfc9c88925b5a981cd90b145cb18ef24066c0d604d7fd79363960c9133e4d28f7ffd88
SSDEEP

384:esuS9kngTew4BddElLV5og+a4luYlXRQEn8QlvvAD52:HuS9LdfLVegyFlXR9lvvAD52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f885a89c8a93c912d7e999cc43f6894d7b7df05b795f990dbfd366f92f0d255d

Files

f885a89c8a93c912d7e999cc43f6894d7b7df05b795f990dbfd366f92f0d255d
.exe windows:4 windows x64 arch:x64

46dc695288b735279ea15d606c492644

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__getmainargs
clock
malloc
free
fopen
fclose
fread
fwrite
rename
remove

user32

PostQuitMessage
MessageBoxA
RegisterClassExA
LoadIconA
LoadCursorA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
GetDC
BeginPaint
EndPaint
SetTimer
GetWindowRect
GetClientRect
MoveWindow
ShowWindow
SetProcessDPIAware
ClientToScreen
InvalidateRect

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
SetBitmapBits
DeleteObject
DeleteDC

kernel32

CreateThread
CreateMutexA
WaitForSingleObject
Sleep
ReleaseMutex
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetLogicalDrives
CloseHandle
CreateProcessA

Sections

.text
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE