Static task: static1
Behavioral task: behavioral1
Sample: 126fe5a0aa40f4db3ba8aa63dc55e41f.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 126fe5a0aa40f4db3ba8aa63dc55e41f.exe
Resource: win10v2004-20231222-en
General
Target: 126fe5a0aa40f4db3ba8aa63dc55e41f
Size: 241KB
MD5: 126fe5a0aa40f4db3ba8aa63dc55e41f
SHA1: e1b0f236f82b8f995d3101fcfb5e0c0aa2fac61f
SHA256: 78759599f08047fac347198ce95de9fbf067666220b15867fd17f3a8d020d40a
SHA512: 8b82f96ac86695e454dade7ac38f3f9cb7c8877a78c078bb4bcd5752b824b5cc026f961544f4a47756cdb14dea9f3bb8202fa14dbff261e9cc195fc4c8d6acc2
SSDEEP: 6144:QtKPQGq+OhbnMfI5kp+Y/IzZ65rqSlIDkRLDD+QVwP5m4Av:QI3kMvc965rHbJ6oyk4E
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 126fe5a0aa40f4db3ba8aa63dc55e41f
Files
126fe5a0aa40f4db3ba8aa63dc55e41f.exe windows:4 windows x86 arch:x86
ab127ad354a3eb9d69baf8d6b4e56bf8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
ExitProcess
CloseHandle
LoadLibraryA
CreateFileA
GetCurrentProcess
user32
CharLowerBuffA
CreateWindowExA
CloseWindow
SetWindowLongA
wsprintfA
advapi32
RegDeleteValueA
RegDeleteKeyA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegSetValueA
RegEnumKeyA
RegEnumValueA
RegCreateKeyA
Sections
.text Size: 200KB - Virtual size: 200KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ