571b1906ad3446df4ab5e35d23eb7bc0e72f467e44121b3a044c0794e7df5b03 | Triage

Sharing

General

Target

571b1906ad3446df4ab5e35d23eb7bc0e72f467e44121b3a044c0794e7df5b03
Size

848KB
MD5

09024f731b60a0ed91bddfc98e3562ec
SHA1

2d365f0f1567b0e9aa388da589bf0ea6777d649a
SHA256

571b1906ad3446df4ab5e35d23eb7bc0e72f467e44121b3a044c0794e7df5b03
SHA512

9c4e3f1b1c3a8ff8019b4637c0dab1387458f3e0211e817aca33ea8d4fa77bc9c964cf876dddaeab06cde6eab5779df45cfdf6aec3bed1e32ffffb76fdd1a8da
SSDEEP

24576:C1wVEKdE4pHZIivwZ66YrixYqcZV38cTuImmVF1g3o9/vNP:IwVC4p5IioZ66Yryco5IB03a/vNP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
571b1906ad3446df4ab5e35d23eb7bc0e72f467e44121b3a044c0794e7df5b03

Files

571b1906ad3446df4ab5e35d23eb7bc0e72f467e44121b3a044c0794e7df5b03
.exe windows x86

e195a3f175e62fc969e161db93d9bc02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile

user32

wsprintfA

wininet

FtpOpenFileA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 40KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sedata
Size: 788KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ