72c160e336cd8f71851c59814004357e | Triage

Sharing

General

Target

72c160e336cd8f71851c59814004357e
Size

198KB
MD5

72c160e336cd8f71851c59814004357e
SHA1

1a606237bf6d369b327a024a9d484e3b1e9fe21d
SHA256

c61825f8fc247a4d2c8f812fcadce1a3c5a7fce2bef1b65bc24f71ca03ab712e
SHA512

ae1a2775fc8797155c30c757a8553f2fae7b6c527038878a1acf8f1d12f85ee8498842c6a479b00da5af5e9e1b2c5a97fe551feab56eb098543533762efdb773
SSDEEP

3072:8fvrSqqQq2fE5KMbSKXIN8x1TVMWLGzN:8H+qqQqYExbXYy6sGz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72c160e336cd8f71851c59814004357e

Files

72c160e336cd8f71851c59814004357e
.exe windows:5 windows x86 arch:x86

38c9ac7a2cdfe62953b467732a1dbe7a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

advapi32

RegQueryInfoKeyW
RegEnumKeyW
RegCreateKeyA
RegEnumKeyExW
RegEnumKeyA
RegEnumValueA

user32

CopyImage
LoadMenuA
AppendMenuW

Sections

.ofmh
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.jpmkk
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.olepk
Size: 134KB - Virtual size: 406KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jcgjg
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ