71592fec005505c5b4fc5c7dc1f1efa0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71592fec005505c5b4fc5c7dc1f1efa0
Size

296KB
MD5

71592fec005505c5b4fc5c7dc1f1efa0
SHA1

9361f878b3f00c6de1bf533b4a439b94b8e5d6c4
SHA256

3450188bac4d4b93f9d4a3f1328d3a0594e65b18d14892546cd8218fff1c2ec9
SHA512

9b9396040a3717d332d9587e9607620a82c2586da839a0a8871d35d5e5d40b1aaa26f5735741dfd04f46fa1f7c3abf9cad4441049d3aa7a7ef51ca08b4bbc65d
SSDEEP

6144:O4VmE25ZdQsPTpq4O2EA9rq6Z2lqVil/Z/J7mLfqqW2bBslV:e6sPTpMvAEoVixDaLfqqWeu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71592fec005505c5b4fc5c7dc1f1efa0

Files

71592fec005505c5b4fc5c7dc1f1efa0
.exe windows:4 windows x86 arch:x86

93e6ab744853178580942e835db97bc8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
GetExitCodeProcess
ResumeThread
SetLastError
CloseHandle
SetEvent
GetDriveTypeA
CreateFileA
FindAtomA
HeapCreate
LoadLibraryA
GetDiskFreeSpaceA
CreateThread
GetComputerNameA
LocalFree
GetFileAttributesA
GetSystemTime
GetCommandLineW
GetModuleHandleA

advapi32

GetFileSecurityA
RegEnumKeyExA
IsTokenRestricted
GetLengthSid
RegEnumValueA
CloseEventLog
RegCloseKey
RegQueryValueA
GetUserNameA
CreateServiceA
RegDeleteKeyA
FreeSid
RegCreateKeyExA

dsprop

ErrMsg
MsgBox
CheckADsError
FindSheet
ReportError

sysdm.cpl

NoExecuteRemoveFileOptOutList

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 286KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ