028069618d3365767427ceeed9d6604fc2c6a1ed548f443751e790432a47b507 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

028069618d3365767427ceeed9d6604fc2c6a1ed548f443751e790432a47b507
Size

14KB
MD5

9a16ebbeb43e4db5e8f8581147167d9e
SHA1

ee212a1f901ec334636f859e4af2f3ef267f541f
SHA256

028069618d3365767427ceeed9d6604fc2c6a1ed548f443751e790432a47b507
SHA512

bba12ab94226afbd541adafa7b701daa9096327cb4343c701535afd0430f895983802a7986c229dbb608b2f4a7ed0a0fdaa3643b429833426f8676d496850fc0
SSDEEP

192:pO/3p5n7omzteiOKbEy/7ofmzG0KHqhCpOhR8BUmGghfunnnnnno:I/377om5PzdzEKhCpOh6Uyhx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
028069618d3365767427ceeed9d6604fc2c6a1ed548f443751e790432a47b507

Files

028069618d3365767427ceeed9d6604fc2c6a1ed548f443751e790432a47b507
.exe windows:4 windows x86 arch:x86

6d7199e79a9c41a21160a3a46915bbc6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

psapi

EmptyWorkingSet

kernel32

GetProcAddress
LoadLibraryA
GetCommandLineA
CreateToolhelp32Snapshot
Process32First
CloseHandle
Process32Next
CreateWaitableTimerA
SetWaitableTimer
CreateProcessA
GetCurrentProcess
OpenProcess
LocalAlloc
LocalFree
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapFree
IsBadReadPtr
FreeLibrary

user32

TranslateMessage
PeekMessageA
wsprintfA
MessageBoxA
MsgWaitForMultipleObjects
DispatchMessageA
GetMessageA

msvcrt

_stricmp
_ftol
modf
atoi
strchr
sprintf

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ