ded918a039c51ad8d0e97f52727479e29828a29457f2607fcd667ed1352484af | Triage

Sharing

General

Target

ded918a039c51ad8d0e97f52727479e29828a29457f2607fcd667ed1352484af
Size

1.3MB
MD5

a40b1429e7d163fe6fb266f9769a6eff
SHA1

ff7804cffdfe485b2a48016c96056553ce13ac12
SHA256

ded918a039c51ad8d0e97f52727479e29828a29457f2607fcd667ed1352484af
SHA512

0680f756d70c3318168912a74bce8171da69b052591e507a629ffbafd557559a1563eb8cdc76f3845b15685c6a1f83390fe6bb214544471cd1290373dc9e9cb0
SSDEEP

24576:0JXk9EnGpDCdTWfdJJFc8KWJv7pm1b+5zy7h3TE++++6++++6++++6++++6++++s:0JU9Oyc8KD4Ny72++++6++++6++++6+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ded918a039c51ad8d0e97f52727479e29828a29457f2607fcd667ed1352484af

Files

ded918a039c51ad8d0e97f52727479e29828a29457f2607fcd667ed1352484af
.exe windows x86

ba6dc817222e7ea5e5d308f37f3ba97b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc100

ord14061

msvcr100

_invoke_watson

kernel32

HeapSetInformation

user32

ReleaseDC

gdi32

CreatePen

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 83KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 903KB - Virtual size: 904KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ