26544b7587ebcea8d14ad6201fe2d790 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26544b7587ebcea8d14ad6201fe2d790
Size

176KB
MD5

26544b7587ebcea8d14ad6201fe2d790
SHA1

26ea375a04d726ac9ff26398b7bda0e578aefc43
SHA256

3a1f94fb021707bad539ebf3fa5f64dbf31e0aa4ce8fd70ea4a8b5747162e991
SHA512

a2632108589fb666628315ac032e1ef583ac738f28d1ff594b5bbac2eb9deebecc05ba6455a825880243408012a88b01fa2e0a5916b410739a43c5fa8f5c153d
SSDEEP

3072:4eroqc+Mf0wVMX3Mvkeyd64mz0TFj4qtQSXaIr2ls8QVAhCVbTJrMfIfEUoGESqU:4erxckwU3P3m0TFFDqA8IAkQfIfEp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26544b7587ebcea8d14ad6201fe2d790

Files

26544b7587ebcea8d14ad6201fe2d790
.exe windows:5 windows x86 arch:x86

5e65364987a2838cf965cbf641233dec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_cexit
_exit
__p__fmode
__setusermatherr
_XcptFilter
fseek
__p__commode
fread
__set_app_type
_controlfp
wcstombs
strspn
_initterm
_ismbblead
exit
wcspbrk
_amsg_exit
ungetc
__getmainargs

kernel32

FindResourceA
SetCommBreak
GetDateFormatW
CreateFileW
GlobalFlags
DeleteFileA
SearchPathW
FileTimeToDosDateTime
CreateThread
WaitForMultipleObjectsEx
GetShortPathNameA
MoveFileA

Exports

Exports

_ReplyMessageReplyMessageReplyMessage@0

Sections

.text
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ