71e455fcc96a4f798417b8a0e5998303 | Triage

Sharing

General

Target

71e455fcc96a4f798417b8a0e5998303
Size

20KB
MD5

71e455fcc96a4f798417b8a0e5998303
SHA1

1da31436bd6c707fbd7dc3e1a72e6755319282c4
SHA256

be3359de9a97e1bcb986b9014977a557f4dec1ee58da5a7d6cdc566d84101a6b
SHA512

3aad011c074f52aae5b83573b0188091620407516b867b9597c84fab4d1b3650bd310dc96f61a13672e5ec0423fb438ce2afe6d198f53680f9a2fd48fa7e9de0
SSDEEP

384:N+fOE1t//U9XRwpVEKBI488/Hrg9ygEHsULMx:c2WV/UxRoVjBh/HIyvs3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71e455fcc96a4f798417b8a0e5998303

Files

71e455fcc96a4f798417b8a0e5998303
.exe windows:5 windows x86 arch:x86

fa8560b3dd08ee001893e0edd10c4665

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
SetUnhandledExceptionFilter
ExitProcess
GetWindowsDirectoryA
lstrcatA
CreateFileA
VirtualAlloc
GetProcessHeap
TerminateProcess
IsDebuggerPresent

user32

TranslateAcceleratorW
LoadCursorW
GetDlgItemTextW
EnableMenuItem
DefWindowProcW
UnhookWindowsHookEx

comdlg32

GetOpenFileNameW
FindTextW
CommDlgExtendedError
GetSaveFileNameW
PrintDlgW
ChooseFontW

advapi32

RegOpenKeyExA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ