Static task
static1
Behavioral task
behavioral1
Sample
71d1748e66dc8e9a4eb28cd1d20d9764.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
71d1748e66dc8e9a4eb28cd1d20d9764.exe
Resource
win10v2004-20231222-en
General
Target
71d1748e66dc8e9a4eb28cd1d20d9764
Size
100KB
MD5
71d1748e66dc8e9a4eb28cd1d20d9764
SHA1
31473767bec041055def2b4dceedd9e2be972b66
SHA256
ab947be16c5b653b6e79ce9d2a183cc047e7bfbc595640a21c8d391ada8c2a6b
SHA512
4fa0d0e0733d3b8a738970a3d17aac1c825f50572f271728d931c2fc9431fbb01cfec796e65a66f0ff7a02af4758d30c25ef267bf0f9309f5ae958cb7d4e9e3b
SSDEEP
1536:yipZ9YvmvuEVWsFXRAej9KbVcHbZXxpTWtGlsNwFZIvxF24fwdhWWxw/Z4Ro7:yi3MeVvFBjKh6NBpTWMxFZqQBU4C
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 71d1748e66dc8e9a4eb28cd1d20d9764
Files
71d1748e66dc8e9a4eb28cd1d20d9764.exe windows:4 windows x86 arch:x86
55f397dc13e52c6c736be1516594ab86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
MultiByteToWideChar
SetFilePointer
DeleteFileA
GetLastError
GetTickCount
GetCurrentProcess
CreateProcessA
GetModuleFileNameA
ReadFile
ole32
CoInitialize
OleCreate
CoUninitialize
user32
DispatchMessageA
CreateWindowExA
TranslateMessage
GetMessageA
GetSystemMetrics
ShowWindow
MessageBoxA
PostQuitMessage
DestroyWindow
SetWindowLongA
advapi32
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegSetValueExA
shell32
SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHGetMalloc
Sections
.text Size: 60KB - Virtual size: 58KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1018B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ