13fac88ea4f6c2e98bf6fc1f139cc312 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13fac88ea4f6c2e98bf6fc1f139cc312
Size

158KB
MD5

13fac88ea4f6c2e98bf6fc1f139cc312
SHA1

aca0782d8718310a09dac7877484c557cf44cb73
SHA256

b38f33b0878d6b23845c8ae7483b07c0751d8d229ac37d0371065594912dc816
SHA512

42b0cb51b6da2c9d0b8bb8306655ff2752df535fc9b6313eac5144c8369c9a62cba1f1026b2a49a6b339804bb715f8907499c800d9edbc90cf9d140ae483a727
SSDEEP

3072:mTXu5bwrYgWaPIA5ZI0bWsshCBkbhGUs2wuEHearl6zclpKVRz:C+5bwr5ZI0sC+12PuE+aozisV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13fac88ea4f6c2e98bf6fc1f139cc312

Files

13fac88ea4f6c2e98bf6fc1f139cc312
.exe windows:4 windows x86 arch:x86

b7e5b56c01c06bb548846ee089d559d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

urlmon

URLDownloadToFileA

comdlg32

GetSaveFileNameA

Sections

CODE
Size: 149KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE