Static task
static1
Behavioral task
behavioral1
Sample
34aaf32fdeb579bedbe89ed374773d48.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
34aaf32fdeb579bedbe89ed374773d48.exe
Resource
win10v2004-20231215-en
General
Target
34aaf32fdeb579bedbe89ed374773d48
Size
109KB
MD5
34aaf32fdeb579bedbe89ed374773d48
SHA1
e86948b11fd2543db2e3012c60419c61868035ba
SHA256
15592aeba9c46c410c1706c1d4c45ff61e7d02d1e3b2200b51e6e98691115294
SHA512
323e1e3e46f21d619e14fa276abd88ed33c6649c58cf9861feeb7cc8b0e13ab78c882c513b0bfe4de73e4d2bb5a69c067d40b819ad37ef6e16cc2ec269758677
SSDEEP
768:hQ5O5tqR1YkWbsn7/KB9b2YGGRzaj0cmd+q7aZa9UbJc1+jDBd5LtFYewnEFz8qy:G+MkkWbsravGGQ0nxUFc1+f9MvEFV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 34aaf32fdeb579bedbe89ed374773d48
Files
34aaf32fdeb579bedbe89ed374773d48.exe windows:5 windows x86 arch:x86
3b46c242b9596782dbb20a3aa6274fe2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegQueryInfoKeyA
RegLoadKeyW
RegDeleteValueW
RegOpenKeyA
RegOpenKeyExA
kernel32
ReadFile
ExitProcess
user32
GetWindowTextA
GetDlgItem
Sections
.aidh Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.mojkh Size: 18KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.elofb Size: 66KB - Virtual size: 450KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ibpm Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.ffgan Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 571B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ