Static task
static1
Behavioral task
behavioral1
Sample
9dbf5af05ae2d45fc8ce35c33824db96200daa17a7a0c76897be03dd56749140N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
9dbf5af05ae2d45fc8ce35c33824db96200daa17a7a0c76897be03dd56749140N.exe
Resource
win10v2004-20241007-en
General
-
Target
9dbf5af05ae2d45fc8ce35c33824db96200daa17a7a0c76897be03dd56749140N.exe
-
Size
128KB
-
MD5
030bde0a698bbc103e43756525cd7320
-
SHA1
3be6b03cd1157b4783e9f1d17749596035adbe03
-
SHA256
9dbf5af05ae2d45fc8ce35c33824db96200daa17a7a0c76897be03dd56749140
-
SHA512
91ac28fd6859ae2493879a88af7e60688507cf0dc6f7c90dc7e3e0b860e504042b9ec9d4f30d3fac88a4c89fbaa1f7ec3ea6d07456dc92895ef12c432886780e
-
SSDEEP
3072:ULselXPVHKCid5e/Hn73w1buGLclkNkNbo2YFwmjAv:U4A/VqCize/HD6bVLclktev
Malware Config
Signatures
-
Unsigned PE 1 IoCs
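Static check: the sample has no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.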
resource 9dbf5af05ae2d45fc8ce35c33824db96200daa17a7a0c76897be03dd56749140N.exe
Files
-
9dbf5af05ae2d45fc8ce35c33824db96200daa17a7a0c76897be03dd56749140N.exe.exe windows:4 windows x86 arch:x86
c47d7ff9cd6fe51b6f668661fb7ba507
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpyW
VirtualAlloc
GetPrivateProfileIntA
lstrcpyW
FindNextVolumeW
GetStartupInfoW
lstrcpyW
SetConsoleTitleA
GetModuleFileNameW
IsBadStringPtrW
GetModuleHandleA
GetLocaleInfoA
SetStdHandle
CreateEventA
GetFullPathNameA
SetCurrentDirectoryA
DeleteFileA
lstrlenW
GetNumberFormatA
lstrcpyW
TlsAlloc
lstrcpyW
GetCurrentProcess
untfs
ChkdskEx
Extend
Format
Recover
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.orpc Size: 1KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.RDATA Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.EDATA Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ