74cff12e9aad056d61ded6dcfa6202ff5e65d0efe008ce010f9922475b3b41ac | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74cff12e9aad056d61ded6dcfa6202ff5e65d0efe008ce010f9922475b3b41ac
Size

9.9MB
MD5

3e01e2846e9cda11079c000e92aa6d66
SHA1

19c1e8e27a8a305702163793032ca8130e7cb9b5
SHA256

74cff12e9aad056d61ded6dcfa6202ff5e65d0efe008ce010f9922475b3b41ac
SHA512

373134e9e39211b4b95542d1ab04543d7e077ee8fa9b82627114095a6e0e49642bbf4c240437dda487f15f83fd9b3955187e925e651daf3ac26ebd2873aee189
SSDEEP

196608:rxW0vHGnEJdtrKQh5T/l/i0yYijZqa89x+t2ebs5YVvfu5z8r4zPb0liaBx:1W0vfdoQnxaxql42KRfu5zfPwliaBx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74cff12e9aad056d61ded6dcfa6202ff5e65d0efe008ce010f9922475b3b41ac

Files

74cff12e9aad056d61ded6dcfa6202ff5e65d0efe008ce010f9922475b3b41ac
.exe windows x86

6d1830ae93d0beedb2b3d5b8c48572ad

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 9.2MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 779KB - Virtual size: 780KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ