0421dc6d14acb164294d08df629bbf0a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0421dc6d14acb164294d08df629bbf0a
Size

160KB
MD5

0421dc6d14acb164294d08df629bbf0a
SHA1

64c73106fdc1e97d752fe7af3c1caeba78c183de
SHA256

7ff0306004bcbe77d9653f6203d03fb1dc36cfcaaa487ddeb1c497cdf33a21a1
SHA512

4c35756421701a258f9e8907f45d50198805a0cfd65012389ced60e417007431d40abf447edbe1508cf50f3ec0805f6334db9095e1f5cd6ade889aa5879ee526
SSDEEP

1536:/Z9thJ63IjSKEd4bnLJsinsJXVSqwGvqrXjBriq3ESZTvlphh/4N:I4j/Ed4bnLJVnsJXE7Gir1mr+Lhhg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0421dc6d14acb164294d08df629bbf0a

Files

0421dc6d14acb164294d08df629bbf0a
.exe windows:5 windows x86 arch:x86

a22c50fd4807ff8514f6f04a12783d56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCreateKeyA
RegQueryValueW
RegCreateKeyExW
RegDeleteKeyA
RegEnumKeyExW
RegEnumValueA

kernel32

ReadFile
DeleteFileW
ExitProcess
FlushFileBuffers
GetStdHandle
lstrcmpA
OpenFileMappingA
ExitThread
GlobalFree
GetFileType
GetLocalTime
lstrcatA
HeapAlloc
GetPriorityClass
CopyFileExA
OpenFile
lstrlenA
FreeResource
GetCommandLineA

user32

AppendMenuW
GetWindowTextLengthA
GetWindowTextA
GetScrollInfo

Sections

.14g0h
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.38hf
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.d66h
Size: 115KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e5de
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.88ah
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ