992fd99d8bf7480261ec86ffa83e8eb0N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

992fd99d8bf7480261ec86ffa83e8eb0N.exe
Size

66KB
MD5

992fd99d8bf7480261ec86ffa83e8eb0
SHA1

828fb536ebb1b3d024373595e7a4c96fb3e7f4a4
SHA256

a13d4bff6988607ad301b712c1841ede8dfb4530e1d6960206eab54decc2bd20
SHA512

ba85a899f0afdaaaf9534dd9aaf30f6a566bec420d603ff41db4a2d7d0a2ffa50275ff51378412f4695fb37d3d2507104d45a4257ed46732b4bad734561c5f39
SSDEEP

1536:NFrKm+52GnteItOUXQjg2i7fHt4qKibOeF2bs92gLmkeohi7auGBx7SijOLwhQks:NWUpNbf3xYt9DuiPa8Yj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
992fd99d8bf7480261ec86ffa83e8eb0N.exe

Files

992fd99d8bf7480261ec86ffa83e8eb0N.exe
.exe windows:4 windows x86 arch:x86

3efde678fe7f87cf39908049f24eb74f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetNamedPipeHandleStateA
QueryUnbiasedInterruptTime
RemoveDirectoryW
GetProcessHeap
GetCurrentProcessorNumber
SetThreadpoolThreadMaximum
SetProcessDEPPolicy
IsThreadAFiber
WerRegisterFileWorker
TrySubmitThreadpoolCallback

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE