75af8db1473c214b4616d07b2b059030de02151150401ad12d279397a334fb3e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

75af8db1473c214b4616d07b2b059030de02151150401ad12d279397a334fb3e
Size

2.8MB
MD5

00414116c95448935e0465349268ec84
SHA1

60323966f8a0881641e003dfed18f66c0dae90e0
SHA256

75af8db1473c214b4616d07b2b059030de02151150401ad12d279397a334fb3e
SHA512

92c2f68bf2946d0e149fb170b9876a93cdaf0a1d2e82b204bd73619a477602c5ce8912a452ae1bf4168a4e6ac7aa8fc143849588d3ff1bf0287e684159721b0a
SSDEEP

49152:5FMmIY0ojJpcmy5a5KGiR9Cw2fvXV6VoBJt9WDh6XmEkwsGlUEft:5FX0on75dw8RHQVoBz9q7GlUO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75af8db1473c214b4616d07b2b059030de02151150401ad12d279397a334fb3e

Files

75af8db1473c214b4616d07b2b059030de02151150401ad12d279397a334fb3e
.exe windows x86

bd217368bd74bbf529521ce94ae81720

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

DeregisterEventSource

kernel32

CloseHandle

netapi32

Netbios

gdi32

BitBlt

user32

EnumThreadWindows

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Exports

Exports

@@Unit1@Finalize
@@Unit1@Initialize
__GetExceptDLLinfo
___CPPdebugHook

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 789KB - Virtual size: 792KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ