185091afc32396310d9982fabef49abf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

185091afc32396310d9982fabef49abf
Size

4KB
MD5

185091afc32396310d9982fabef49abf
SHA1

429cae5b8907d3aedb13607cff5926fc5eb2641f
SHA256

204b54483741ca59ab37b68f704071e00b754609999d2cec01dfa540bdbc0c4d
SHA512

bb36e55f1655aff323b0016b873c6d24e50a4421f153500c5ffc4a3933f013d6fc4d7dd1281d8d580e3cc58430933ad4e708e068b0a9737156e342999e9a1c18
SSDEEP

96:Z1zVb5eI1ZkEVmXyOXzxJLW3qsiaRUqe:nVb5egJmX/9Ja3qsigUqe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
185091afc32396310d9982fabef49abf

Files

185091afc32396310d9982fabef49abf
.exe windows:1 windows x86 arch:x86

7fc8a871ff1eb82604471bca09bacb5f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateFileA
ExitProcess
GetEnvironmentVariableA
GetModuleFileNameA
GetProcAddress
GetShortPathNameA
GetSystemDirectoryA
LoadLibraryA
LocalAlloc
WriteFile
lstrcatA
lstrcpyA

shell32

ShellExecuteA

Sections

.flat
Size: 512B - Virtual size: 365B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE