15ac2edb9d59794c88b8f1bb610b741f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15ac2edb9d59794c88b8f1bb610b741f
Size

90KB
MD5

15ac2edb9d59794c88b8f1bb610b741f
SHA1

6f52672045b1d4f6e394cf235b6cee054012c01b
SHA256

f95c47beff44d67c0493629045e62e784f9b45110d7912306fcc760f759253a1
SHA512

5256ba5f4bc664f5a88a7d081f3e6c5f4296b71a2b556a392b5fe2f5e63371d9a76f892bd3d818340aa4410a3c93f20808c2bea0ddb1ab417dbd1cf6e4839945
SSDEEP

1536:I74tSC9akXRMWPuFmbfCDYQtywbuFb8M358un59hEJHSABLM+:IuSC9aZ8ETruqM35TnExRM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15ac2edb9d59794c88b8f1bb610b741f

Files

15ac2edb9d59794c88b8f1bb610b741f
.exe windows:4 windows x86 arch:x86

de6fdcdc7f4ad649a7529bf91b3c3b02

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

ws2_32

WSCInstallProvider

Sections

CODE
Size: 85KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE