1391f20aeb9558aa165fee86264b5355 | Triage

Sharing

General

Target

1391f20aeb9558aa165fee86264b5355
Size

330KB
MD5

1391f20aeb9558aa165fee86264b5355
SHA1

479f130493425ae2029680edefe8132c6284e41f
SHA256

16246d9e97dc436da7ca6ff22445b599fb94b1e94a7af1210f73ae0c1df6998b
SHA512

443b7dcfd5788497c9127a5cde0366c2b2ed7ac6535dd3ba69403705c2a7fcc6e9d930a96bb618c20a1228ed423fe42612bff4c4ab8f09c11d1048c495c6b3cf
SSDEEP

6144:Xu0DIyA7YLVFxWM2u1pHExxRffIHC52nKTk6Ma8Y/VqaQXHEUBwv3p+e72:XuyAcLff2u/yROC52HJvxXHEG8IN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1391f20aeb9558aa165fee86264b5355

Files

1391f20aeb9558aa165fee86264b5355
.exe windows:4 windows x86 arch:x86

f36014481b7ab74b1bf2185e65a1235e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalUnlock
LoadLibraryW
GetModuleHandleA
FindVolumeClose
ResumeThread
CreateFileA
GetCommandLineW
GetSystemTime
GetDiskFreeSpaceA
CreateThread
lstrlenA
GetTickCount
ResetEvent
GetComputerNameA
SetLastError
GetDriveTypeA
CloseHandle
GetDateFormatA
HeapCreate
LocalFree

advapi32

RegQueryValueA
CreateServiceA
FreeSid
RegCloseKey
RegEnumKeyExA
GetFileSecurityW
RegEnumValueA
RegDeleteKeyA
RegCreateKeyExA
IsTokenUntrusted
CloseEventLog
GetLengthSid
GetUserNameA

clbcatq

SetupOpen
DllGetClassObject
CheckMemoryGates
SetSetupSave
ComPlusMigrate

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 728KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ