Static task: static1
Behavioral task: behavioral1
  Sample: 219fac6f6345d1c559bf13ab73f48f64.exe
  Resource: win7-20231215-en
Behavioral task: behavioral2
  Sample: 219fac6f6345d1c559bf13ab73f48f64.exe
  Resource: win10v2004-20231215-en
General
Target: 219fac6f6345d1c559bf13ab73f48f64
Size: 109KB
MD5: 219fac6f6345d1c559bf13ab73f48f64
SHA1: cc9c04a1218c0176577b5c75e3f3ce39b78de36c
SHA256: 77ec68c588f22ac48e82e91e4cb327af94c6cb6562ee16e272bb390f4e1336a1
SHA512: 8e6bf1734f1353a32d11d9936446c79d48b2eea32a095ec25df11b4795d0b5aba9ce2960f2d3e12b35c1d8b629d76f6099df4c63fcf75611d4e31d6a8509cfb2
SSDEEP: 768:FQ5O5tqR1YkWbsn7/KB9b2YGGRzaj0cmd+q7aZa9UbJc1+jDBd5LtFYewnEFz8qy:K+MkkWbsravGGQ0nxUFc1+f9MvEFV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 219fac6f6345d1c559bf13ab73f48f64
Files
219fac6f6345d1c559bf13ab73f48f64.exe windows:5 windows x86 arch:x86
3b46c242b9596782dbb20a3aa6274fe2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryInfoKeyA
RegLoadKeyW
RegDeleteValueW
RegOpenKeyA
RegOpenKeyExA
kernel32
ReadFile
ExitProcess
user32
GetWindowTextA
GetDlgItem
Sections
.aidh Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.mojkh Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.elofb Size: 66KB - Virtual size: 450KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ibpm Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ffgan Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 571B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ