130f9c3a5b0c0ab53aa9173e3b7dcac1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

130f9c3a5b0c0ab53aa9173e3b7dcac1
Size

63KB
MD5

130f9c3a5b0c0ab53aa9173e3b7dcac1
SHA1

e6a48c508d652908406594ad4342e102a5528543
SHA256

2ea6cd7aa5f15083d9705571fe41da4d804c79d290fc5f96f5c777c88e9dda70
SHA512

a44f5e3ce88921f5d6415ec3927a702bde5f2ce60bc320e68ec0d9c559b03d8eda8c4bc7f7d5b70a5985f7d644c3d0d440e83a02699e7ad163b6cf6f50919f4f
SSDEEP

1536:58Mos4ax/VOpwyp3RmrQpvg6oXuKWrJnx8uCX5yz:5Gh+opwY3RmG4lXuKUOLX5yz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
130f9c3a5b0c0ab53aa9173e3b7dcac1

Files

130f9c3a5b0c0ab53aa9173e3b7dcac1
.exe windows:4 windows x86 arch:x86

8a7c8ab7b0c55a1d2edd8860ee5f19d7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
VirtualAlloc
VirtualProtect
VirtualFree

wininet

InternetOpenA

dnsapi

DnsQuery_A

ws2_32

recv

user32

GetCursorPos

advapi32

RegCloseKey

Sections

.der
Size: - Virtual size: 152KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.der
Size: 62KB - Virtual size: 64KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE