9022c2b6217c9f66204e26cd54ef79f1d363b1676c291280a838636a97ee701b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9022c2b6217c9f66204e26cd54ef79f1d363b1676c291280a838636a97ee701b
Size

429KB
MD5

110b4c05a10decf2c6c8d2feb239ea6e
SHA1

d9eb210ae05a3d671cd0371a051c80ff46454488
SHA256

9022c2b6217c9f66204e26cd54ef79f1d363b1676c291280a838636a97ee701b
SHA512

8e24859075347dcc6b88f4cc958caf70938f75dd95cd0f370ae4baae4da321db07465f03af661c221ecba97d94f47c5cf509909c928a39243faa4b609a55aa92
SSDEEP

6144:IMLdAH5zolntXrJc8bskaWmsaKWtMcOOwcFUoHC3vHbSLHrSi/9URE4ak:IMLu5yntbScsZWmttaOdUJ3v7SLrdI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9022c2b6217c9f66204e26cd54ef79f1d363b1676c291280a838636a97ee701b

Files

9022c2b6217c9f66204e26cd54ef79f1d363b1676c291280a838636a97ee701b
.exe windows:4 windows x86 arch:x86

26d66412723580cf8324810dfa0935a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

RtlCaptureStackContext

kernel32

GetConsoleScreenBufferInfo
GetThreadLocale
GetCommandLineW

advapi32

CreateProcessWithLogonW

user32

EditWndProc

Sections

.text
Size: 426KB - Virtual size: 428KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 355B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE