026c41bb0a5cbd35c0001988ae5bb33c | Triage

Sharing

General

Target

026c41bb0a5cbd35c0001988ae5bb33c
Size

8KB
MD5

026c41bb0a5cbd35c0001988ae5bb33c
SHA1

e0bd5acf67f06ee0a119ebb5d3a579649c698c86
SHA256

e8893a8ef9660b97d93c6edd43c37eba3bb3a013703a382e7efe20671da62ee6
SHA512

23a2013beac648e2f6a7d1d731217b20f2abaec2a46a8eee02374765a4e04ca9aa397f9d1b7bd89d8149850a804d072be947565bc90456891b451ece119f73a2
SSDEEP

96:vCDiCEBVP3upSaduV3YxMJ8nalOuFyalkYes0fwm/9KCs0fwm/9TzBRasjgvytbP:dDP3upC1QnCAYswm0owm7sv4PKTae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
026c41bb0a5cbd35c0001988ae5bb33c

Files

026c41bb0a5cbd35c0001988ae5bb33c
.exe windows:4 windows x86 arch:x86

6af11a68f31dfdbdcfa85bbdad67897a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CreateStreamOnHGlobal

kernel32

GlobalMemoryStatus
GlobalAlloc
LoadLibraryA
CreateToolhelp32Snapshot
CreateFileMappingA
LocalAlloc
GetComputerNameA
CloseHandle
CreateFileA
lstrlenA
lstrcpyA
lstrcatA
WriteFile
UnmapViewOfFile
Sleep
Process32Next
Process32First
OpenProcess
MapViewOfFile
LocalFree
GetDiskFreeSpaceA
GetSystemDirectoryA
ExitProcess
GlobalFree
GetCurrentDirectoryA
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetTempPathA
GetProcAddress
GetModuleFileNameA
GetLogicalDrives
GetLocaleInfoA
GetLocalTime
GetFileSize
GetDriveTypeA

user32

ReleaseDC
GetDC
wsprintfA

oleaut32

SafeArrayCreateVector
SafeArrayUnaccessData
SafeArrayAccessData

advapi32

RegEnumValueA
RegEnumKeyExA
GetUserNameA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
RegOpenKeyExA
RegSetValueExA

shlwapi

StrStrIA

wsock32

connect
socket
send
recv
gethostname
closesocket
WSAStartup

gdi32

GetDeviceCaps

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE