ed854999999131a5adeb91e01a8aa9d624f3494852e64ad3e6a83b9936a3cb4a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ed854999999131a5adeb91e01a8aa9d624f3494852e64ad3e6a83b9936a3cb4a
Size

1.1MB
MD5

3fc1dd62a76e00fe5faa0d45ff28024f
SHA1

5bc6643dca18c1364d247f46de6da60b45cf32a1
SHA256

ed854999999131a5adeb91e01a8aa9d624f3494852e64ad3e6a83b9936a3cb4a
SHA512

27e031c8e04be08d7fc4ebd8ca0be80d93614c173e81df282bc59a9b36fdab00a7262a5a67cd57ad30cd8d314e75b7163f4c1b0ed8b6e600a19a66bb07a8bca8
SSDEEP

768:n/5inm+cd5rHemPXkqUEphjVuvios1rPr4adL0NqlJMU60+ppQ1TTGfLT:nRsvcdcQjosnvnZ6LQ1ET

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed854999999131a5adeb91e01a8aa9d624f3494852e64ad3e6a83b9936a3cb4a

Files

ed854999999131a5adeb91e01a8aa9d624f3494852e64ad3e6a83b9936a3cb4a
.exe windows:4 windows x86 arch:x86

7568fd2720750e36a6992434b5b7efe9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
Sleep
GetLocaleInfoA
GetFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
GetStartupInfoA
VirtualAlloc
VirtualQuery
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
HeapValidate
CloseHandle
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
GetFileType
GetStdHandle
GetCurrentProcess
DuplicateHandle
SetHandleCount
GetCommandLineA
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetFilePointer
ReadFile
GetConsoleMode
GetConsoleCP
GetConsoleOutputCP
WriteFile
SetStdHandle
DeleteFileA
SetConsoleCtrlHandler
MultiByteToWideChar
CreateFileA
WideCharToMultiByte
SetEndOfFile

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE