161fefac1e81a671db6ae9e722d3de39 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

161fefac1e81a671db6ae9e722d3de39
Size

51KB
MD5

161fefac1e81a671db6ae9e722d3de39
SHA1

d08cab79e570149e62c3b7a5f18e966f842b1fb1
SHA256

2eab8d18b81430bbde5fab4b6de24ca3fe2718c8415e4dc3b3ba7f64799e827b
SHA512

13eff1ee01640ed40acc2d31feebcc054168fab3e15a9fef32d5683b1f365dbc2e45f3e7bbc4007133cb720c83f9194524f882fcf02a294d7a407f3debfeff1d
SSDEEP

768:jqXTiXZDYzY9BswwL/6d6Oaj7s+NHux9VK3Tvh4tztr09cswBVOEgevxPlz:jNXl7r26jaj7s+JujCTvh0eZQIEdz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
161fefac1e81a671db6ae9e722d3de39

Files

161fefac1e81a671db6ae9e722d3de39
.exe windows:4 windows x86 arch:x86

bd321b1e97ddda73ac525120a887a6ea

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

urlmon

URLDownloadToFileA

advapi32

RegCloseKey

shell32

ShellExecuteA

user32

CharNextA

oleaut32

SysFreeString

Sections

.text
Size: 43KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE