13976941dde8ecc08b45c7ecef71538d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13976941dde8ecc08b45c7ecef71538d
Size

484KB
MD5

13976941dde8ecc08b45c7ecef71538d
SHA1

865c0e0dff3855918599c01ef8fa3de7b7090a92
SHA256

57ed97a0c803faddcf21546832d448a666261377d84d64ce577d8c9c999c8c17
SHA512

92a30be51ee7db8282f98afa5cd6c104c9854357398debac6e2b20152100e743dfdbcbbf3ef9bd1943119987c2dbc9d781d93b251f43c8e76ab83fd5f0bc662a
SSDEEP

12288:2q+IzKQGlswqfznp2iaaM+aNsb7KsvOEVtwCVl5Kj:ow5zp2ial+a2W0zVl5s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13976941dde8ecc08b45c7ecef71538d

Files

13976941dde8ecc08b45c7ecef71538d
.exe windows:4 windows x86 arch:x86

ed6c154e95e088aa95ee8885cc96a36a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

LsaDeleteTrustedDomain

kernel32

GetCurrentThreadId
GetConsoleWindow

user32

GetMessageExtraInfo

Sections

.text
Size: 474KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE