146aa14adcb375752f416fdb1b55baad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

146aa14adcb375752f416fdb1b55baad
Size

168KB
MD5

146aa14adcb375752f416fdb1b55baad
SHA1

ba8fbf3135e1023738d5085e159aee754b4adb11
SHA256

98cff532c33cd3c98bbeb2c592c47107655dedf1b9fb61b02d4a3aa1cfbca809
SHA512

e0586d723d5c7f3199182152a4f0480db1a5d86ea81c20fa39582a1688807d1d6a22a3fb984282ab731a76de96f0374fe7154f7f952d43d2445ffe5ab5dd05f1
SSDEEP

1536:9CNjd51qfim5TEEedRpGFVcb7UMqJm4V1IUgwKvRuxuhCSiegi9UYoor60ncW3m8:c51rRpzMPJmiIh4xuswfnot0x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
146aa14adcb375752f416fdb1b55baad

Files

146aa14adcb375752f416fdb1b55baad
.exe windows:5 windows x86 arch:x86

ec314a780d85246f426d7b8470970ca4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

BeginPaint
CloseWindow
DrawIcon
LoadCursorA
GetWindowTextA
GetScrollPos
DrawTextA
DrawTextW
GetDC
GetCursor

advapi32

RegEnumKeyW
RegDeleteValueW
RegFlushKey
RegEnumKeyA
RegEnumValueW
RegLoadKeyA
RegOpenKeyExA
RegDeleteKeyA
RegEnumValueA

kernel32

ExitProcess

Sections

.kaedf
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pphn
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.omeon
Size: 126KB - Virtual size: 485KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mnegf
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hbak
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ