222d07639c098150cd9469760499f17e3dd9f19c14d3304bb7649a662f77f4cfN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

222d07639c098150cd9469760499f17e3dd9f19c14d3304bb7649a662f77f4cfN
Size

403KB
MD5

2192cb6a983f906dea29636e927efd80
SHA1

5119e203549660427ee5bede2e5f605595916759
SHA256

222d07639c098150cd9469760499f17e3dd9f19c14d3304bb7649a662f77f4cf
SHA512

c0b9a7bda0dea85ee4487dd91130a439a7b471752987a9dee164dfbc7276d55ce3e62669c0876728e8c8a05bbf19131c78de3ba896f1ed8562780c33d55c0a30
SSDEEP

12288:F3uGQJS3/1ItwOpwFXGk6Jn0lgTvy8tuDNbS:IGp/OCOOFX96hzqWuJS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
222d07639c098150cd9469760499f17e3dd9f19c14d3304bb7649a662f77f4cfN

Files

222d07639c098150cd9469760499f17e3dd9f19c14d3304bb7649a662f77f4cfN
.exe windows:5 windows x86 arch:x86

0cf28df2a4ad8d066b3ecf081c8cb33e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetPrivateProfileSectionA
ResumeThread
DeleteFileA
lstrlenA
TlsGetValue
LoadLibraryW
GetFileAttributesW
CreateMutexA
DeviceIoControl
ClearCommBreak
VirtualProtectEx
GetCurrentThread
HeapDestroy
CreateEventW
GetStringTypeW
GetPrivateProfileIntW
DeviceIoControl
HeapFree
SetLastError
GetProcessHeap
GetDriveTypeA

rasapi32

DwRasUninitialize
RasDeleteEntryA
RasDeleteEntryA
DwEnumEntryDetails
DwRasUninitialize
DwEnumEntryDetails
RasDialA
DwRasUninitialize
RasDialA
DwCloneEntry
DwEnumEntryDetails
DwCloneEntry
RasDialA

pdh

PdhAddCounterA
PdhCloseLog
PdhGetLogFileTypeA
PdhGetLogFileSize

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 480KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 397KB - Virtual size: 397KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 288B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ