Static task: static1
Behavioral task: behavioral1
Sample: 821a60f40be10d42c25e468264c77b8b.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 821a60f40be10d42c25e468264c77b8b.exe
Resource: win10v2004-20231215-en
General
Target: 821a60f40be10d42c25e468264c77b8b
Size: 160KB
MD5: 821a60f40be10d42c25e468264c77b8b
SHA1: de05b901f524adeb1993f6083bd9a5bb5a316305
SHA256: 298616b1c6773c5087a4639dfb18c9d1b5586483c5c2f75e183271c731efd0cb
SHA512: 037c09badd128c9cad1fc54eee3f63f8caa2111132e5ff82509429a494002c397f96368b664580a9075b70d950fd2018268288f845afc2761efbff9410488c80
SSDEEP: 3072:ioa9THuv2MMMMM2MMMMMoH4ttgMPJSuTw2yzJSjN6iuxwEdOz1ERacSJ+M33sqj6:i1FMMMMM2MMMMMjH9w6byROs0hl/0ph
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 821a60f40be10d42c25e468264c77b8b
Files
821a60f40be10d42c25e468264c77b8b.exe windows:5 windows x86 arch:x86
9fae8aaac5f62b98fc764c2aff5abffb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32
ExitProcess
GetModuleHandleA
GetStartupInfoA
SetErrorMode
GetCommandLineA
ReleaseMutex
CloseHandle
GetFileAttributesA
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
WaitForSingleObject
CreateMutexA
lstrcmpiA
lstrcpyA
GetEnvironmentVariableA
GetVersionExA
IsDBCSLeadByte
lstrcpynA
GetModuleFileNameA
user32
FindWindowA
GetWindowThreadProcessId
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA
CharNextA
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ