Static task
static1
Behavioral task
behavioral1
Sample
2943417b56b3169af485be87dd78a9a0N.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2943417b56b3169af485be87dd78a9a0N.exe
Resource
win10v2004-20240508-en
General
-
Target
2943417b56b3169af485be87dd78a9a0N.exe
-
Size
320KB
-
MD5
2943417b56b3169af485be87dd78a9a0
-
SHA1
9c88f6d529ece3c44ee543281c12a0c74093c68d
-
SHA256
61766cf92dbd115f521450c4ecc987ffac36bb99a2af6e823067f0cf329cf021
-
SHA512
9a7d6da2c1c898f0601763d1feb0acab5071e8d56b493a52f67c6ed4be0d5279b1bdb0605bd41bec0fd58ebb7ff1434c5e1e877e051eb7c58e528ded92dcc3c2
-
SSDEEP
6144:vFvKTH2RfS155ONNXBuWoJBO9OMbHLkAqF7Ief9UmM7/uT:vM72EB0NxDIBuOFe7/uT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
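Checks for a missing Authenticode signature: the PE carries no embedded digital signature, so its publisher and integrity cannot be verified from the file itself. On its own this is a weak indicator, since many legitimate binaries are also unsigned.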
resource 2943417b56b3169af485be87dd78a9a0N.exe
Files
-
2943417b56b3169af485be87dd78a9a0N.exe.exe windows:4 windows x86 arch:x86
e33eaafd59f7fd39520268b40c96eda3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCPInfoExW
PeekConsoleInputA
RemoveDirectoryA
ReplaceFileW
DecodePointer
WaitCommEvent
VirtualFreeEx
GetCurrencyFormatW
GetModuleHandleExA
SetWaitableTimer
GetFileAttributesW
IsBadCodePtr
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 42KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.brdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tc Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE