e654c5a2f29e179b561469f83a688b8c499f0e3270ace7219a0c5eacb931c5bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e654c5a2f29e179b561469f83a688b8c499f0e3270ace7219a0c5eacb931c5bd
Size

960KB
MD5

4fa1296b08dbec021071509288e74a44
SHA1

9fa107b2467dff4771d3848a40e0448a603dd641
SHA256

e654c5a2f29e179b561469f83a688b8c499f0e3270ace7219a0c5eacb931c5bd
SHA512

e0d03fb88d9b01d8aca8d73f4c093b6fef9495f5147a34cfd8133bfe20eed4e3af40a15c138d787524deb159e51a625dbe4185a9fa6e16cdb2cf4937ac5a31f4
SSDEEP

24576:dffgWz6ZO3G26uHIAELc7qGOQ58Lz2j29yIVyv/SmM//+:Rv6RPuoGpOQ5mijfIQvQ+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e654c5a2f29e179b561469f83a688b8c499f0e3270ace7219a0c5eacb931c5bd

Files

e654c5a2f29e179b561469f83a688b8c499f0e3270ace7219a0c5eacb931c5bd
.exe windows x86

92ebf9fc2ff4c6bd4f461499ca62583a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mfc42

ord5194

msvcrt

_acmdln

kernel32

GetModuleHandleA

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Exports

Exports

s_665754_134235_3563345_1231245_910384_0193848_login

Sections

.text
Size: 176KB - Virtual size: 260KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 768KB - Virtual size: 768KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ