f3f03f3b41e10d979493448fc197e50e5d7260f4cda28f86dde8f3bebb74c952 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f3f03f3b41e10d979493448fc197e50e5d7260f4cda28f86dde8f3bebb74c952
Size

5KB
MD5

fa16e0e6d343c7966021037d5675efb9
SHA1

5580d2b96da00bffdbad15bb61458c2bcf82cd5e
SHA256

f3f03f3b41e10d979493448fc197e50e5d7260f4cda28f86dde8f3bebb74c952
SHA512

dd5d1de5945fa52d9eb489d5f63d51e7e80ef19578fe4e6a9c72dbd398c8e9cfe211306c024424617c922a6dabe9d96d009685cd89d1e86c2ad9156b378b2713
SSDEEP

96:KqesKOyq9BLeSZ+WSPt9tmPCYsibGd4EWwqoPEWw:K6XyqjLeSxa9tmPCYsAGdRWwqoPEW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3f03f3b41e10d979493448fc197e50e5d7260f4cda28f86dde8f3bebb74c952

Files

f3f03f3b41e10d979493448fc197e50e5d7260f4cda28f86dde8f3bebb74c952
.exe windows:5 windows x86 arch:x86

5703c7aeacdc8205e0eff4f49531509b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
CloseHandle
LocalFree
FormatMessageW
GetLastError
CreateProcessW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter

user32

MessageBoxW

msvcrt

swprintf
_c_exit
_exit
_XcptFilter
_cexit
exit
__initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

ntdll

NtQueryInformationProcess

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE