7d82378e11e4ea4bd6b5af002be024b5 | Triage

Sharing

General

Target

7d82378e11e4ea4bd6b5af002be024b5
Size

24KB
MD5

7d82378e11e4ea4bd6b5af002be024b5
SHA1

f5dbc7a173883370f0c468c796d9f216384a9bb4
SHA256

e626e746dce6578fe38b3f81f7a7313260d2efabbb3eb43376aced8c736363e6
SHA512

f50710ceabf3dd047157c92415402a49841d21584d3b71d2ef406e795355ee1d8c44f76df60c730f180f89260ccfb831555a9e940ae7664087cde9d6dd3622a9
SSDEEP

192:Bs1QgkDLMWIV21tvAtx8NiLkBTaB2GGyQ+6HSK7hK:8kDLiV0vArFUTaB2GVQbyK7hK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d82378e11e4ea4bd6b5af002be024b5

Files

7d82378e11e4ea4bd6b5af002be024b5
.exe windows:4 windows x86 arch:x86

66e2d5a97197978edff6228d8e901eb7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
EnterCriticalSection
LocalFree
GetProcAddress
lstrcatA
lstrcpyA
lstrcpynA
GetFileAttributesA
GetDriveTypeA
lstrlenA
CreateProcessA
ResetEvent
WaitForSingleObject
GetLastError
CreateEventA
SetLastError
lstrcmpiA
GetVersionExA
HeapFree
HeapReAlloc
GetProcessHeap
HeapAlloc
DebugBreak
DeleteCriticalSection
InitializeCriticalSection
GetModuleHandleA
GetCommandLineA
ExitProcess
CloseHandle
GetStartupInfoA

user32

GetMessageA
TranslateMessage
DispatchMessageA
CharNextA
MsgWaitForMultipleObjects

advapi32

RegFlushKey
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegDeleteKeyA
RegQueryInfoKeyA
RegEnumKeyExA
RegNotifyChangeKeyValue
RegSetValueExA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 750B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ