f7a29100b9853d891777ff449f9128bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f7a29100b9853d891777ff449f9128bb
Size

411KB
MD5

f7a29100b9853d891777ff449f9128bb
SHA1

5c47760978bd75eae322bf7ee4925934bd307e7d
SHA256

0699803364be8f8690d512f46a67a08e596b057ac47373bc143d1063419a28e4
SHA512

99c76bd443b41e43c86f4e0358a98b69f014fd31e9c37c6f90bf01272185d3558f3c4d4c7e355b200b510e90bd696f7a31d0805e57d593d9a97f05ebf895153b
SSDEEP

6144:v64MfhAzWawYm47IubLbxOR+bbf5GZg1xmZQCpWKw3gnsXJzneovJljj9+mdxq:S4Mf8FNmLSxNfxGZ+EZQH3gIHk2xq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7a29100b9853d891777ff449f9128bb

Files

f7a29100b9853d891777ff449f9128bb
.exe windows:5 windows x86 arch:x86

94cb6dedee0212696aece3f91409db46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
RtlUnwind
HeapFree
HeapDestroy
LoadLibraryA

user32

wsprintfA
CloseWindow
CharLowerBuffA
CreateWindowExA

advapi32

RegDeleteKeyA
RegSetValueA
RegCloseKey
RegEnumKeyA

ole32

CoCreateInstanceEx
CoInitialize
OleRun
CoRegisterClassObject

Sections

.text
Size: 89KB - Virtual size: 149KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 67KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE