2024-05-30_3f22c18f0d889ae38f90054e70c89bb7_ | Triage

Sharing

General

Target

2024-05-30_3f22c18f0d889ae38f90054e70c89bb7_
Size

28KB
MD5

3f22c18f0d889ae38f90054e70c89bb7
SHA1

9c4523a6dfd71b49aeedd58e71c6ece6ec739330
SHA256

553674fcd4c4224b065edf1279e89e67b17963ed7c20e4da8bf7c24b8ae7010b
SHA512

cb3a6b92725a85c87dd54867ddeebc389f75ea5c3248b3f05dbda1096410088fabf757ceebfc12f060ef4d194b1a6b720c39cf5e3b27cc18113fb563ae3b3bd4
SSDEEP

768:pMno/tvxP3TDi1235Qc8QLbF/NZg3ehW8aEN:pMAtv9K12p/t/NZOe8PEN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-30_3f22c18f0d889ae38f90054e70c89bb7_

Files

2024-05-30_3f22c18f0d889ae38f90054e70c89bb7_
.exe windows:4 windows x64 arch:x64

15539da81a5edb0f9eade1fa5918c522

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

S:\src\github\yori\iconv\iconv.pdb

Imports

kernel32

GetConsoleScreenBufferInfo
GetStdHandle
GetLastError
CloseHandle
CreateFileW
GetFileType
ExitProcess
GetCommandLineW
WriteFile
WriteConsoleW
SetConsoleTextAttribute
GetConsoleMode
ReadFile
Sleep
ResetEvent
PeekNamedPipe
WaitForMultipleObjects
WideCharToMultiByte
MultiByteToWideChar
GetCurrentProcess
FormatMessageW
LocalFree
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesW
HeapAlloc
GetProcessHeap
HeapFree
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetSystemDirectoryW
GetVersion
GetEnvironmentVariableW
SetLastError
GetCurrentDirectoryW

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ