00d42ba845c1e61203c3a15cdfbcf43d | Triage

Sharing

General

Target

00d42ba845c1e61203c3a15cdfbcf43d
Size

363KB
MD5

00d42ba845c1e61203c3a15cdfbcf43d
SHA1

7539311e83f61f990d12c2341e33446be74e21bc
SHA256

e7656d5afcd8ffe275394efed64f5ee862fc23e29f48f2b3ef43e122543382e2
SHA512

ab44cb83e01113d8997841e9a39acd239f8db4ce84911767d0616bf6cdec51e159aa5435ef8ad4898d66d3a54b106d12c2049f0e142d34ad66d1c3f9fd9e2aab
SSDEEP

6144:PO4nACNV1ik25godBj66DsHaYZ2d7muze1Go+kvBXzj+uX1e4uPAqDes2u:K0F25hBjKlZ2lHzex+kvZYPGM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00d42ba845c1e61203c3a15cdfbcf43d

Files

00d42ba845c1e61203c3a15cdfbcf43d
.exe windows:4 windows x86 arch:x86

41507753530d76bf751bd1509806ec8e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

Sections

CODE
Size: 358KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE