21fb4f9c72753adcba6f9c9f6d3eaf894373dafd9feadcab17178691c2ddbcfc | Triage

Sharing

General

Target

21fb4f9c72753adcba6f9c9f6d3eaf894373dafd9feadcab17178691c2ddbcfc
Size

15.6MB
MD5

42293612b5c0036b10bd41b8d69eb05b
SHA1

b3cc2d762fa680279b5909160a28414225856fba
SHA256

21fb4f9c72753adcba6f9c9f6d3eaf894373dafd9feadcab17178691c2ddbcfc
SHA512

df549d6ab0bf671171aeb88ca13f5b8e730e8b7211282dbd0354072ab33d34e60435f6a6061138c64720bb0a0ce81c29a79e69bfb433a67e3ae2b7d265741ed6
SSDEEP

393216:c0hSzf8X5rWa91wpdbJHh30v9WVLecONKMIlC6tGAHK:c0huX1+WotNKMIU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21fb4f9c72753adcba6f9c9f6d3eaf894373dafd9feadcab17178691c2ddbcfc

Files

21fb4f9c72753adcba6f9c9f6d3eaf894373dafd9feadcab17178691c2ddbcfc
.exe windows x86

88381b84da56810b869e897e6d45bd58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress

user32

EnumChildWindows

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm0
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vm1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vm2
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bxpck
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.main
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE