25f8842c942a4e6d3136fcb6a53b264d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

25f8842c942a4e6d3136fcb6a53b264d
Size

2KB
MD5

25f8842c942a4e6d3136fcb6a53b264d
SHA1

ab9ad7953cf85453ae6a441c2527e627b670aa74
SHA256

e84b97b769a317df1da900f07516f98365097544f7e08994617fe8319f93cff4
SHA512

f923ed8d2f5978812b9a3575ed5a9385c5a4e35bbffcde24ecbe7ed090f29ac8e99792d536b1e095902e850a7b5c780a93354568c7e48d5bbd737baae5f46e92

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25f8842c942a4e6d3136fcb6a53b264d

Files

25f8842c942a4e6d3136fcb6a53b264d
.exe windows:4 windows x86 arch:x86

43b7932ec5184bfd2413ee753803e49a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateToolhelp32Snapshot
ExitProcess
GetExitCodeThread
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
Process32First
Process32Next
SetFileAttributesA
Sleep
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrlenA
CreateFileA
CopyFileA
OpenProcess
CloseHandle

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE