f866f2c40915a8dd9af23018d143b758 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f866f2c40915a8dd9af23018d143b758
Size

745KB
MD5

f866f2c40915a8dd9af23018d143b758
SHA1

96476ef65e70a3cc5998692a0832acb0d8b5273b
SHA256

53dd10cb300d8a91def9631eef8318a53bc07cb0fe8bea7274738c306fd2f00a
SHA512

f70448b91bd8bbe57e6682fa00151e48ee48edccf1528e3cfd90cf94e46c4c63d19857932cdcb2dd7c97b870f319ff533be912238db05b7e6d46943d0fc72750
SSDEEP

12288:nB89wOGkzTn6SfuRdXXuYIVSoWDdD04WNvC4VZo8eBXIxqTtexF/Iuq+oHPrhue0:B8FGkzL7fQdXXuIoM4VZoxBXMwexO8o0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f866f2c40915a8dd9af23018d143b758

Files

f866f2c40915a8dd9af23018d143b758
.exe windows:4 windows x86 arch:x86

044050e6a05feeed350d3b01a31db347

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
CloseHandle
SetLastError
HeapSize
Sleep
ExitProcess
SetLastError
GetFileTime
DeleteFileW
VirtualAlloc
WaitForSingleObject
CreateFileA
GetVersion
IsBadReadPtr
FindAtomW
EnterCriticalSection
GetModuleHandleA
GetEnvironmentVariableW
GetCurrentDirectoryA
SuspendThread
SetFileAttributesW
RemoveDirectoryA
GetFileAttributesA
GetCommandLineA
ReadFile

cryptui

DllRegisterServer
CryptUIDlgFreeCAContext
CryptUIDlgFreeCAContext
CryptUIDlgFreeCAContext
CryptUIDlgSelectStoreA
CryptUIWizExport
CryptUIWizDigitalSign
CryptUIDlgViewContext
LocalEnrollNoDS
LocalEnroll
CryptUIWizBuildCTL
DllUnregisterServer
CryptUIWizImport

cmpbk32

PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter
PhoneBookFreeFilter

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 737KB - Virtual size: 737KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ