Static task: static1
Behavioral task: behavioral1
Sample: 14114de17fb98cba21bb80293f5e490d.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 14114de17fb98cba21bb80293f5e490d.exe
Resource: win10v2004-20231215-en
General
Target: 14114de17fb98cba21bb80293f5e490d
Size: 264KB
MD5: 14114de17fb98cba21bb80293f5e490d
SHA1: ab837dd8a6ffd48937608411c76ff3afc8f648cd
SHA256: 7dfcfabb90f53ca3dde368c067262430f7ded3363b8b4de8fe4f4326383455cc
SHA512: 5576b2fd276b0b6f3a7d24b8c23bb7c6cf82b3fbffbf9eb502989530341530b9f8a735b9b9cb39786b714d9603e2b47570e3b901a96dd9450ac6b74827ee4a72
SSDEEP: 3072:5WmXAnnmhpYcRcT9hYsaOMMQqrnyxl7IFVsDtmngcGVfBsnW5bj7W7s5DbXUj4F9:5WmXiypv04sa1M9ryxSFW0zGJBMJKSM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14114de17fb98cba21bb80293f5e490d
Files
14114de17fb98cba21bb80293f5e490d.exe windows:5 windows x86 arch:x86
c94bcd17fa299ff8fe9b5ebff88bc79c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyA
RegOpenKeyA
RegDeleteKeyW
RegDeleteValueA
RegEnumValueA
kernel32
ExitProcess
GetLastError
GetCPInfo
DeleteFileW
GetLocalTime
DeleteFileA
FindClose
HeapAlloc
lstrlenA
WriteFile
OpenFileMappingA
HeapFree
GetFileTime
GetStdHandle
CopyFileExA
FreeResource
GlobalFree
lstrcmpA
ReadFile
user32
AppendMenuA
GetDC
CopyImage
Sections
.4fhgd Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.570h7 Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.0e0c Size: 227KB - Virtual size: 570KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
.15aa Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ