f3f676a04c2d33aa1ba78d40dc1c30b3697cc57295b359a8008449e19356b406 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3f676a04c2d33aa1ba78d40dc1c30b3697cc57295b359a8008449e19356b406
Size

7KB
MD5

0acb5c8a37e3ebcdee3a6ec1485b8a95
SHA1

149916f897e6f6bef030ee025f76b148f0408478
SHA256

f3f676a04c2d33aa1ba78d40dc1c30b3697cc57295b359a8008449e19356b406
SHA512

521c84b9778df677440837c41a741d59158ff5d8ad800d55a36917a408fc38ca977aa671900f2c24a82d336f7e550979ffe43de18b3055789cfe9f3e637e4803
SSDEEP

96:+kmEokwN7gCB+96FBGruvwcVRbU+Ama9eW2URNc53t0vMH6m+IubGd:cpN7gr9uBGruR5U+7Gk0vMF+IsGd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3f676a04c2d33aa1ba78d40dc1c30b3697cc57295b359a8008449e19356b406

Files

f3f676a04c2d33aa1ba78d40dc1c30b3697cc57295b359a8008449e19356b406
.exe windows:4 windows x86 arch:x86

8a9cd6a20a67a7b3860eea14b6378220

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gputils

gp_writeobj_write_coff
ord22
ord33
ord31
gp_message
ord29
ord40
ord1
ord2
ord3
gp_sym_push_table
ord20
_gp_coffgen_del_section@8
_gp_coffgen_del_section_symbols@8
gp_coffgen_find_section
gp_sym_get_symbol_name
gp_sym_get_symbol_with_index
gp_sym_get_symbol_count
_gp_coffgen_symbol_has_reloc@8
gp_coffgen_find_symbol
_gp_coffgen_del_symbol@12
gp_sym_get_symbol
gp_list_delete
_gp_coffgen_is_global_symbol@4
gp_sym_add_symbol

msvcrt

time
exit
fprintf
_iob
printf
_c_exit
_exit
_XcptFilter
_cexit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_unlink

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE