07f800ef662b59d31e1b57122541d2ac | Triage

Sharing

General

Target

07f800ef662b59d31e1b57122541d2ac
Size

325KB
MD5

07f800ef662b59d31e1b57122541d2ac
SHA1

2a96c2f2ea7440f3a322a917007d97a08c6cc276
SHA256

1445992f043750980b2081da2b624134affdad45957efb7bd6e20a6f8250f26b
SHA512

3e31bd26de9f7a8d093d0fc2dbae9a83141d2803d723f83b72b312a00045a51e1c3f1bf3c5afe30e4553cc231c0b9a3250de7eff712966a883a44a7eee97454e
SSDEEP

6144:gbgpd5NG3XXnRI2RZfdM5rkVYIWNJnXyEtBfCvoK8CUmt6CAWctDpv:UgP/IXRIGdMNkiIEJnXWzbUVtWctDpv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07f800ef662b59d31e1b57122541d2ac

Files

07f800ef662b59d31e1b57122541d2ac
.exe windows:4 windows x86 arch:x86

502bcc859e4b2426b372e3dda424d4e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
ResetEvent
GetExitCodeProcess
GetDiskFreeSpaceW
SuspendThread
SetLastError
GetModuleHandleA
HeapCreate
LocalFree
GetSystemTime
TlsGetValue
LoadLibraryW
GetCommandLineW
GetTickCount
CreateThread
CreateFileA
FindAtomA
SetEvent
GetFileAttributesA
CloseHandle

advapi32

RegQueryValueA
RegEnumKeyExA
IsTokenRestricted
GetLengthSid
RegCloseKey
RegEnumValueA
GetFileSecurityA
CredFree
RegDeleteKeyA
RegCreateKeyExA
CloseEventLog
GetUserNameW
CreateServiceW

cryptui

LocalEnroll
CryptUIDlgCertMgr
CryptUIDlgSelectCA
WizardFree
CryptUIDlgSelectStoreA

powercfg.cpl

CPlApplet

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 428KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 315KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ