628c0c3056012b513c16bde606b5b44d3ad1cce565d92bd0d54082bd5616176b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

628c0c3056012b513c16bde606b5b44d3ad1cce565d92bd0d54082bd5616176b
Size

51KB
MD5

77f0e4599909f9288482876f57e1a11e
SHA1

d14d19f54600489ed20787b6e78a1471df9d4163
SHA256

628c0c3056012b513c16bde606b5b44d3ad1cce565d92bd0d54082bd5616176b
SHA512

2844793ae7026e038653f725895a408a8290ca39b479e3f37102d53390da42aa2ed085f13fdb10415d12703143619551d609357072ccd5dd4ff6de6d11c98bdf
SSDEEP

1536:Z18loWELXK+pHwXEa61XMZCeEn7AxBRAZqVAKl:ZacLX5Hwo8soECAKl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
628c0c3056012b513c16bde606b5b44d3ad1cce565d92bd0d54082bd5616176b

Files

628c0c3056012b513c16bde606b5b44d3ad1cce565d92bd0d54082bd5616176b
.exe windows:4 windows x86 arch:x86

94e7b0d4631e74aa2a92409799d0185b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
TryEnterCriticalSection
TerminateThread
GetVolumePathNamesForVolumeNameA
SetFirmwareEnvironmentVariableW
GetDiskFreeSpaceA
CreateProcessInternalA
WriteConsoleInputA
GlobalGetAtomNameW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 51KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE