01574e4a027d0817b0fe332c752af0b7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01574e4a027d0817b0fe332c752af0b7
Size

3.8MB
MD5

01574e4a027d0817b0fe332c752af0b7
SHA1

64f86bde9715559cae33d440853158dd6ae4c9f3
SHA256

715636389ad48e0f407ba6875d6725b9f354443ead1d338d462cb39e178e7404
SHA512

ef94459e9ee6810083e70eada7e1a7e7a9b2d0ade1ae413cea8a41f58e678ac2ca4ecac8983e8377d14de14bc3c860ecf59f7f76cb6e203811b209a04625396a
SSDEEP

49152:MeFOjObyt2uioRn/ayUzS6HSSa2Mw4+Nl5/jYBQSDoyllP6Q/Ao8Ef3YJYV:nXy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01574e4a027d0817b0fe332c752af0b7

Files

01574e4a027d0817b0fe332c752af0b7
.exe windows:4 windows x86 arch:x86

f86bfd31b81f73cbcda58bc37024def1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
IsRectEmpty
CopyRect
ValidateRect
DispatchMessageA
GetFocus

kernel32

GetShortPathNameW
HeapAlloc
SetUnhandledExceptionFilter
ReadFile
ExitProcess
RaiseException
SetConsoleCP
DeleteCriticalSection
FindResourceA
GetStringTypeW
InterlockedDecrement
GetCurrentProcess
TlsSetValue
VirtualProtect
IsBadReadPtr
GetACP
GetCommandLineA
GetLocalTime
lstrlenA
DeleteFileW
HeapDestroy
GetOEMCP
VirtualFree
GetLastError
GetStartupInfoA
GetTickCount
GetModuleHandleA
SetStdHandle
GetCurrentThreadId

gdi32

SetBkMode
SaveDC
GetStockObject

lz32

LZDone

msvcrt

_vsnprintf

ole32

CoTreatAsClass

advapi32

RegEnumKeyExW

Sections

.text
Size: 519KB - Virtual size: 519KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ