da7402331edd7f55d142b58ce67562577340ae58bbd129ee5e1bf55f4892c383 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da7402331edd7f55d142b58ce67562577340ae58bbd129ee5e1bf55f4892c383
Size

119KB
MD5

dd04361fbffad94d8f44899c070cb259
SHA1

94421c2db112e5c02f169f27b4c64721b7de7f85
SHA256

da7402331edd7f55d142b58ce67562577340ae58bbd129ee5e1bf55f4892c383
SHA512

aa68a58b72a0cd45b3bb4e3600d065f5fa53ea0d2aa59819f57bead7f09610e89ddf745a11fe652252d55afe906095b60a7d83d845ff58471a00226b35138dc8
SSDEEP

3072:DNSODXiCIlLbwFXN4idYAMIxmVOVfYVap55CcaPjS:D8cMdwFd4kGIcs1YVs5M7S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da7402331edd7f55d142b58ce67562577340ae58bbd129ee5e1bf55f4892c383

Files

da7402331edd7f55d142b58ce67562577340ae58bbd129ee5e1bf55f4892c383
.exe windows:4 windows x86 arch:x86

fe0bc1ff6cfc34f595e5073e2a14e783

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
QueryMemoryResourceNotification
IsProcessCritical
WerpGetDebugger
GetSystemTimes
GetDllDirectoryW
DnsHostnameToComputerNameExW
GetThreadContext
NlsEventDataDescCreate
ReadConsoleOutputAttribute

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE