30fda2cee5933fc137e71135d8bfdadc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

30fda2cee5933fc137e71135d8bfdadc
Size

337KB
MD5

30fda2cee5933fc137e71135d8bfdadc
SHA1

b2754cc31ff796fe45595acd0fd9c25771e6795d
SHA256

9ffde366d18c18670e801b6175493020055dc11d1043d380e39af3388dafb2d2
SHA512

5a1c27ea20e5a26af9bf9849f29e5cf0fd54c976d6912b7391e3dfc56f913d902a2c95d2a03c5d6e987171dca9fa42aa5a1be8b7fab887b35b570b9fd0938aef
SSDEEP

6144:IKPUwp1BUVCwNt8+2blyoAqiQSO3+ARldKEuRhcd7F:rUVpt8v4QSOOA/dKEyGdB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
30fda2cee5933fc137e71135d8bfdadc

Files

30fda2cee5933fc137e71135d8bfdadc
.exe windows:5 windows x86 arch:x86

fec8218df8b40e961ff67b16f7aecdfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
DeleteFileA
ExitProcess

user32

GetCursor
GetWindowTextA
LoadMenuA

advapi32

RegEnumKeyA
RegDeleteValueA
RegQueryValueExW
RegOpenKeyA
RegDeleteKeyA
RegEnumKeyExA
RegFlushKey
RegCreateKeyA

Sections

.affd7
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.c3e30
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.41df5
Size: 274KB - Virtual size: 626KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.7e01
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ