221e185ab4d305d80e48a6a1783d2f26 | Triage

Sharing

General

Target

221e185ab4d305d80e48a6a1783d2f26
Size

13KB
MD5

221e185ab4d305d80e48a6a1783d2f26
SHA1

a27af1e914c6e38052159938398f558a103bfbcb
SHA256

e0e4f40c851e3b881dca00a5c64ff9883ffab65c42d356972e0747e6cd3cdf72
SHA512

6f61026acc25d8740854aff94a3a01a58d5610a974f1b4b70a516e6917123daf2e8b9754cfe1345c12467f1354a052d869ca60421477fa5745b7b50751744192
SSDEEP

192:bJtaf0lHaoQr+aXe04egU59HDSUg5a1Y/jAC8y+oz4arOfCIsy3Hsulvn7OKi7Xn:nardbD4BUDGZ5a1Y/cGevnSKc2m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
221e185ab4d305d80e48a6a1783d2f26

Files

221e185ab4d305d80e48a6a1783d2f26
.exe windows:4 windows x86 arch:x86

4e61de489d253dae75eeebda56e2c70c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strncpy
strlen
memcpy
strcat

kernel32

GetModuleHandleA
HeapCreate
GetCurrentProcessId
HeapDestroy
ExitProcess
GetModuleFileNameA
GetShortPathNameA
CreateProcessA
CloseHandle
GetSystemDirectoryA
GetLastError
GetTickCount
HeapAlloc
HeapFree
FreeLibrary
LoadLibraryA
GetProcAddress
DeleteFileA
GetDriveTypeA
FindFirstFileA
FindClose
GetFileAttributesA
WriteFile
CreateFileA
GetFileSize
SetFilePointer
ReadFile
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
TlsAlloc
TlsGetValue
HeapReAlloc
TlsSetValue

Sections

.code
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 263B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE