da98128db39a769a8d19966f6d7c1707a96aef2b65c54946c9b12810da2c3c16 | Triage

Sharing

General

Target

da98128db39a769a8d19966f6d7c1707a96aef2b65c54946c9b12810da2c3c16
Size

3.9MB
MD5

93ddaa93e0b0a835a72138980012e359
SHA1

0efddd2ca079c134474dc9c31563592639ea6618
SHA256

da98128db39a769a8d19966f6d7c1707a96aef2b65c54946c9b12810da2c3c16
SHA512

ab024a3fa7faf160a2d27ca9b2adf23f9f559ea774bbbde52c7dde66974801a6c0cebd5f9deb8bbf409c831d874c156ce49c7ca48eba72873bb28095b8466b83
SSDEEP

98304:CmUOwL6WotKGnMj35Ph12Ireeqni4Zg2cNW0kSNcD6lgYVurMRz2htp:qZXosGMFuemdENcGFVu0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da98128db39a769a8d19966f6d7c1707a96aef2b65c54946c9b12810da2c3c16

Files

da98128db39a769a8d19966f6d7c1707a96aef2b65c54946c9b12810da2c3c16
.exe windows x86

b14f1c78d0a7ba2704b5a66bf6d1d12d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
ExitProcess
SetErrorMode
MultiByteToWideChar
GetProcAddress

user32

MessageBoxA
wsprintfA
EnumWindows

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

_except_handler3
free
malloc
printf

Sections

0000001
Size: 556KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000002
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

0000004
Size: 56KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

0000005
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE