Static task: static1
Behavioral task: behavioral1
Sample: 104adff54d28a3910706d9224e6d8130.exe
Resource: win7-20231215-en
General
Target: 104adff54d28a3910706d9224e6d8130
Size: 179KB
MD5: 104adff54d28a3910706d9224e6d8130
SHA1: 2bc9671f7a2511ef8d78f8c0318cb85a84cbdec0
SHA256: cd2717ed6e1c9c3536d67a3c77f5b4843baa50574155402a5ba3f339411e2116
SHA512: 6b97ee0b70eacf101c375e89d93f9f359f87bcca9c2dc043e4a5cb01b39bfefe40d20eaaa0091788868ce4d6adb063ebc4be4120d7f411cdfa63f55e51875642
SSDEEP: 3072:eCpXyoPhXHBBtIyjuVwFeV0p/fr4KkMXHhIhVsM3XyzYmGU+smA5MCO:e7opXhBW1Vqr4KHyBHyzYmGJsJ5M
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 104adff54d28a3910706d9224e6d8130
Files
104adff54d28a3910706d9224e6d8130.exe windows:4 windows x86 arch:x86
565038e17f4f9e7d4bb704c1eb28eac9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetACP
GetAtomNameA
GetLocaleInfoA
GetConsoleOutputCP
MultiByteToWideChar
GetCPInfo
TlsAlloc
GetTimeFormatA
IsValidCodePage
HeapSize
TlsSetValue
EnumResourceTypesA
GetOEMCP
HeapReAlloc
SetThreadExecutionState
GetDateFormatA
SetStdHandle
RtlUnwind
TlsGetValue
SetFilePointer
VirtualAlloc
WriteConsoleA
RaiseException
shell32
SHDefExtractIconA
SHGetFileInfoA
ShellExecuteExA
DragAcceptFiles
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
Sections
.text Size: 83KB - Virtual size: 82KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 920B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 94KB - Virtual size: 237KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ