0724b81a34897795be1293998ea7d502 | Triage

Sharing

General

Target

0724b81a34897795be1293998ea7d502
Size

102KB
MD5

0724b81a34897795be1293998ea7d502
SHA1

70c70bcc179268e62fbdf87b5acd1040092e8cbb
SHA256

56fbf582d45446917ab372615aa33517e6b12aa700da939cd4da442ef1121c29
SHA512

4428bdece63eeaff70a5ce47c45bab179fa6590f8253d0b13566573b694324719ec2a5401ab3124f78a5dee1aff1700a9682ae471e40367e3a1292bd5281a4d1
SSDEEP

768:km5eUiaU/8mBL1TGEUMt53BnrlREvFAvs2pprT4CTpPrJFLpmPOF0Pa8D5mNhxzX:d+Xk747Tp7EPrPa89ktj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0724b81a34897795be1293998ea7d502

Files

0724b81a34897795be1293998ea7d502
.exe windows:5 windows x86 arch:x86

e59909e47966ac8c0c94afb14dd28890

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyExA
RegCreateKeyA
RegQueryValueExA
RegEnumValueA
RegGetKeySecurity
RegQueryValueW
RegQueryInfoKeyW

kernel32

GetStdHandle
OpenFile
OpenFileMappingA
lstrcatA
DeleteFileW
ExitProcess
GetLastError
lstrlenA
FindClose
ReadFile
GetFileType
HeapFree
HeapAlloc
FormatMessageA
GetCommandLineA
GlobalFree
GetPriorityClass
CreateDirectoryA
GetCPInfo
CopyFileA

user32

GetMenu
GetWindowTextA

Sections

.1bea
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gb067
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9a65
Size: 50KB - Virtual size: 373KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e302
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.85g6
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ