179abaa3c3cdb54d511bb78f58aa991f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

179abaa3c3cdb54d511bb78f58aa991f
Size

256KB
MD5

179abaa3c3cdb54d511bb78f58aa991f
SHA1

4df41471ed3e4f3d0bb5c3f6de1d62b7898ad477
SHA256

379286e18564c9e42b0bc6fc3285354777dbce7d2ba2eeccfaf3b296d0354087
SHA512

5c7f55d415bb4009644f1c45e3bb8ec6177b0d2122ce562cf3933c58e03af83ae5ce24376c6cb70a651d68580aa393eaa48d7f6046728664240259b7247b1933
SSDEEP

6144:yUlylMPKfJB/CwbBAeAEYKN72ST6fT5j1fKZV:diRdCw1dt2K6l1yZV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
179abaa3c3cdb54d511bb78f58aa991f

Files

179abaa3c3cdb54d511bb78f58aa991f
.exe windows:260 windows x86 arch:x86

2a89cf9d38e714d90c7fdbc2e4f8db76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_AGGRESIVE_WS_TRIM
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_SYSTEM
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

CharNextA

advapi32

RegCloseKey

oleaut32

SysFreeString

ole32

OleInitialize

pstorec

PStoreCreateInstance

rasapi32

RasEnumEntriesA

shell32

SHGetSpecialFolderPathA

crypt32

CryptUnprotectData

Sections

.MPRESS1
Size: 244KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RSRC
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE