1407cbb0a64666f29ada1ef6d127bd13 | Triage

Sharing

General

Target

1407cbb0a64666f29ada1ef6d127bd13
Size

53KB
MD5

1407cbb0a64666f29ada1ef6d127bd13
SHA1

b2c791fcd0d215ddd405a91aae5cd79ba3e81c9e
SHA256

75e518b42cec8ba4a5c96c585306e89ece881d7acf7e99d52a66982d779cae33
SHA512

5318908f9ca096a5e5f17925924948e0710a38723e4a4d7ec036192df3163249e9b8496aa627a403516c4fd33675e5a34367d726766779b58b232c1801dd4a85
SSDEEP

768:l2pSe3JazKato738nHMWMGLXckAVzWJo9ZbkA5Vx+qi6s4jqTi5cfk4lCGM:l2pZLLKHMWLskA755j+hFaJ5cfllCT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1407cbb0a64666f29ada1ef6d127bd13

Files

1407cbb0a64666f29ada1ef6d127bd13
.exe windows:4 windows x86 arch:x86

ec79de03a51a38bcf5591096ef64c5d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

mpr

WNetGetUserA

wsock32

WSACleanup

wininet

InternetReadFile

Sections

.text
Size: 47KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE