7e857ceef22aabf54b693ca02552e3d5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e857ceef22aabf54b693ca02552e3d5
Size

337KB
MD5

7e857ceef22aabf54b693ca02552e3d5
SHA1

31ebee6fdc4065bf776164895f074c4bbcf7ab32
SHA256

c6fccde76dbcd296e539b762d5f23c43ce176183a1d631f3e1fa0c71f2b11c53
SHA512

d61a74e8950c8f1596ee6bdfffe6efa6c4e35cbbbda385151c1a003f7ec731261f2613b5494d73abc658eebf44a78f44e623812b6f9228f0bd2819c177bbf855
SSDEEP

6144:dwmGIO5n03uF3cGxzxMInJypPdGn16/oXauAiiNTSW9:Zm038b3askoqudK9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e857ceef22aabf54b693ca02552e3d5

Files

7e857ceef22aabf54b693ca02552e3d5
.exe windows:4 windows x86 arch:x86

e32261c61dee82b82245afda46dd3651

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathRemoveExtensionA
PathFindExtensionA
StrChrA

kernel32

GetExitCodeProcess
CreateThread
ExitProcess
FindResourceA
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
WaitForSingleObject
CreateProcessA
lstrlenA
GetCommandLineA
lstrcatA
lstrcpyA

user32

wsprintfA
LoadStringA

Sections

.text
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 891B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 334KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ