14a95e41bbbd295e2a46c316b5db73852d953ec2a8551ff8fbfbc0dcc9d9d7d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14a95e41bbbd295e2a46c316b5db73852d953ec2a8551ff8fbfbc0dcc9d9d7d8
Size

1.4MB
MD5

80f8f5156f9613fa5046ea8e581e71d5
SHA1

90e7d41d1103bee442fb82db73264f80004162ea
SHA256

14a95e41bbbd295e2a46c316b5db73852d953ec2a8551ff8fbfbc0dcc9d9d7d8
SHA512

185da3b925ab1ece2ee914251e2acc98e5b12b0f310520bd244ca56301024e21f6d837bba06410aed1151961061f3e8f1d29be140ad02e49ef11fc26490ad946
SSDEEP

24576:ysO0RJ5VWuAuMchuVrKAf2SLPaYPbDGAfMKLeyohka3PvAigI4Viw:DvJMchIrKIVPaYXMKBjSvA7B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14a95e41bbbd295e2a46c316b5db73852d953ec2a8551ff8fbfbc0dcc9d9d7d8

Files

14a95e41bbbd295e2a46c316b5db73852d953ec2a8551ff8fbfbc0dcc9d9d7d8
.exe windows x86

f1931f61e5dc478aa6ed4fff8685796f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

crypt32

CryptStringToBinaryA

dbghelp

SymGetOptions

kernel32

InterlockedDecrement

user32

ShowWindow

advapi32

RegQueryValueExW

oleaut32

SysFreeString

msvcr100

_controlfp_s

msvcp100

?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z

wininet

InternetOpenA

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

shell32

SHGetFolderPathW

Sections

.text
Size: 385KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 831KB - Virtual size: 832KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ