Static task: static1
Behavioral task: behavioral1
Sample: 73de82550951c439cf4b0d8a149a7f3a.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 73de82550951c439cf4b0d8a149a7f3a.exe
Resource: win10v2004-20231215-en
General
Target: 73de82550951c439cf4b0d8a149a7f3a
Size: 112KB
MD5: 73de82550951c439cf4b0d8a149a7f3a
SHA1: 0afed6ca957b50865407f54f3abd192f3eadb26b
SHA256: e6d1ab0acba3efde59b8f7439173ac667414de7544bc92e52b5dd1955a2a3def
SHA512: 164deb3562385ae1c5c506c82919c2197576c7bca8f85f7fbbb51d02fcbbe324c94bb08ea27926ac53aefbe979419e5fcc630d0bd1c72444596739bd2f34fc52
SSDEEP: 3072:je66fih8u2rdToDqoDSP0FMuxWYXioPgP+:ph4w9fFH/vPg
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 73de82550951c439cf4b0d8a149a7f3a
Files
73de82550951c439cf4b0d8a149a7f3a.exe windows:4 windows x86 arch:x86
4b755243a52672acbe4c30a4c8400f7e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetCurrentProcess
IsBadStringPtrA
GetCommandLineW
WriteProcessMemory
HeapSummary
FindFirstVolumeA
GetPrivateProfileSectionNamesW
GetCommState
SetFileAttributesA
ReplaceFileA
VirtualAllocEx
ExitProcess
GetConsoleTitleA
user32
ScrollChildren
InsertMenuItemW
LockWindowUpdate
InvalidateRect
EnumDisplayDevicesA
LoadBitmapA
PtInRect
LoadBitmapW
GetClassInfoA
EnumWindowStationsA
CallNextHookEx
gdi32
SetBoundsRect
PolyTextOutA
Sections
.text Size: 100KB - Virtual size: 117KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.textbbs Size: - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 744B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 976B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ