d77e0fa117782c2ead17f323da7d9bb0N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d77e0fa117782c2ead17f323da7d9bb0N
Size

32KB
MD5

d77e0fa117782c2ead17f323da7d9bb0
SHA1

65451f5838f577c7ddba286fd85f0a28ce8e3897
SHA256

4990a937e39b563fee2864a6f105ede552d89c13fb273224cb9f2478c137559c
SHA512

2c5ab7a5cfc361c7a7eea4feb2d5d22c54f0894d245ac2bc2e875992f89f881581ff4d8d32a8a80e99eade44014651b9456e5fa30625412f7f220566d05c8ea6
SSDEEP

384:k7dDTmjSwsA0yXWcSQTMto0ml/mvc4yssiHruAWoNVjq:C/mjmFWJSBto+vrkiLuVo/j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d77e0fa117782c2ead17f323da7d9bb0N

Files

d77e0fa117782c2ead17f323da7d9bb0N
.exe windows:4 windows x86 arch:x86

ed8d9c9d8e3c92a83204bc1bb36f357c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Thread32Next
Module32First
CloseHandle
Thread32First
CreateToolhelp32Snapshot
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
GetLastError
FlushFileBuffers
SetFilePointer
MultiByteToWideChar
SetStdHandle

user32

GetClassNameA
EnumThreadWindows
GetWindowTextA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lif
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE