157e7c2836f6b0c7f0fb48b4e0e8d758 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

157e7c2836f6b0c7f0fb48b4e0e8d758
Size

161KB
MD5

157e7c2836f6b0c7f0fb48b4e0e8d758
SHA1

82c38c00f1917c9f1ee1ab9ec100c45f6bdb6e67
SHA256

40b5be1d8fd72a4bc0405fded92997d123e4cd8cac11235fb72fabdb03287faf
SHA512

3054df5a629c1ba2c31d04bda68532cbb7fc75c63405a4bdc945c887bbdd8b352fbaa113f0b6ff98b65ffb58914ae92418a5cd18471f8589e0bf5f13976d982c
SSDEEP

3072:NmRbQKapJgyfEdFKgjoJwkX5YbOqnTYQtvUxB1YSk:NQaLg6EdFUX5gU0UxfJk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
157e7c2836f6b0c7f0fb48b4e0e8d758

Files

157e7c2836f6b0c7f0fb48b4e0e8d758
.exe windows:4 windows x86 arch:x86

a1836ec5f8172fc1611514f4c80ae36b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord88

kernel32

GetCurrentProcess
GetVersionExA
GetModuleFileNameW
GetTempPathW
FindFirstFileW
CreateFileW
DeleteFileW
LoadLibraryA
GetProcAddress
FormatMessageA
GetLastError
LocalFree
FreeLibrary
FindClose
GetFileSize
CloseHandle
ReadFile
CopyFileW
RtlUnwind
GlobalAlloc
GlobalFree
HeapAlloc
GetProcessHeap
HeapFree
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA

user32

DialogBoxIndirectParamA
EndDialog
MessageBoxA
wvsprintfA

shell32

ShellExecuteW

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ardata
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE