014b72fdeec7642aaee5759e094842a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

014b72fdeec7642aaee5759e094842a5
Size

76KB
MD5

014b72fdeec7642aaee5759e094842a5
SHA1

6cda0c932c8b9047434b49236075f3af08eb02b4
SHA256

43b7594a10f9945e1152da0df5675c2af50bab7b2d31c7b50a769b8f1fec84f6
SHA512

02e84e96141d2ce5f98ddb765df056d77e1865d3b58f0436d9b1e83d4883eb82864b68be28f5fba9991cb85281e1e4f5208f9d14ab644b563abcdd4d43a6b04b
SSDEEP

1536:2P3CFmsD9mw4uCVPNpOn5AduVWo6L6jpjVrs2ryrd1vUQuq6:2P6msZYuCVzO5AcB6L6jHs2qo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
014b72fdeec7642aaee5759e094842a5

Files

014b72fdeec7642aaee5759e094842a5
.exe windows:4 windows x86 arch:x86

b043a6842dca4d97fb3870aae12430ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

BaseInitAppcompatCacheSupport
CopyLZFile
lstrlen
SetCalendarInfoW
GetConsoleCursorInfo
ValidateLCType
LZCreateFileW
BuildCommDCBAndTimeoutsW
ReadConsoleInputExA
NumaVirtualQueryNode
LZDone

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.brdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE