9ea2d3d0d619ed1b47f968f0e2aa8888814f56e635616b14b4433ec4d4d6e2c9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9ea2d3d0d619ed1b47f968f0e2aa8888814f56e635616b14b4433ec4d4d6e2c9
Size

110KB
MD5

aa78e4099a8300006f8723a35c965df2
SHA1

34ae238f24c5b0282026aa331b5ee5f41ee6bed4
SHA256

9ea2d3d0d619ed1b47f968f0e2aa8888814f56e635616b14b4433ec4d4d6e2c9
SHA512

8292dca4b116f9aa32676eed327972cb719b6ef7ee9cf295cbbd891266ae747129af05767592dc5c5d5b5a3d38712eb3ba9d08392ec00aba6a8c21c296b3d49b
SSDEEP

3072:vwqD47EAUxVMwiVHrKDZRHLQ5SCsu2oh40kv3VucVEp:VqEAsMwAp5Fsu6vFu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9ea2d3d0d619ed1b47f968f0e2aa8888814f56e635616b14b4433ec4d4d6e2c9

Files

9ea2d3d0d619ed1b47f968f0e2aa8888814f56e635616b14b4433ec4d4d6e2c9
.exe windows:4 windows x86 arch:x86

d14791a0fb48024b1c0c86673799c508

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetEnvironmentStringsA
CreateTimerQueueTimer
GetDriveTypeW
DebugActiveProcess
GetCurrentDirectoryW
CreateMutexA
TryEnterCriticalSection
CreateTimerQueue
GlobalWire
ExitProcess

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 41KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE