98efa07826db52224c6570480c089938f9b10518141ce8b8cce6cd28b878afcc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98efa07826db52224c6570480c089938f9b10518141ce8b8cce6cd28b878afcc
Size

74KB
MD5

57ce821e550a6b27ad6f700af1388de1
SHA1

475e893d9c94f998deec49c4c11cc8f15b1d528e
SHA256

98efa07826db52224c6570480c089938f9b10518141ce8b8cce6cd28b878afcc
SHA512

705ae722d85b5816f07a832855508c5a36dc42a8c8a129844e89c718fe435c2add543a5314edbdf7b8df47fbb060e770841de6a8065ba3755f00b1b8a4dbeb41
SSDEEP

1536:1JoSST4YsYpWvd5cvWU11m+b8gkIOUlzt9rerEqSC:n1S6jvCJ9QIrberz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98efa07826db52224c6570480c089938f9b10518141ce8b8cce6cd28b878afcc

Files

98efa07826db52224c6570480c089938f9b10518141ce8b8cce6cd28b878afcc
.exe windows:4 windows x86 arch:x86

e95e3c19c1b1846eddfe9b97188d572c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateProcessA
CreateProcessW
DeleteFileA
ExitProcess
GetCommandLineW
GetModuleFileNameA
GetProcessHeap
GetStartupInfoA
GetStartupInfoW
HeapAlloc
ReadFile
SetFileAttributesA
SetFilePointer
WriteFile

ntdll

NtFlushInstructionCache
NtOpenKey
NtProtectVirtualMemory

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE