231f73d2ca04df44ca897532cdadd6a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

231f73d2ca04df44ca897532cdadd6a4
Size

9KB
MD5

231f73d2ca04df44ca897532cdadd6a4
SHA1

1a2aa6cf17a6436ec08ebd6b2491131a781a3bd5
SHA256

626dd40bd1b916aab087b43a3abc970a437aa1ffe53f591a1fb9c53aba82bf45
SHA512

c20da10ed2d39989afc801f4efd08bfdeb9b7793d643b5fd450b6c97ba12b9a447dc3c3ba0ad711cc5b5d08efab53a8f44d6b58f6fc1b717581dc6c7b753735a
SSDEEP

192:YgN2ULwxxuGgPHY68fWZRRC1u27H1NZu7lNZwI2K/v:YgYUMHupbi1I2Cv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
231f73d2ca04df44ca897532cdadd6a4

Files

231f73d2ca04df44ca897532cdadd6a4
.exe windows:4 windows x86 arch:x86

c1b0a9ad96c283edda3db9b8ea482944

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameW
WideCharToMultiByte
lstrcpyA
lstrcatA
WaitForSingleObject
ExitProcess
GetModuleHandleA
GetCommandLineA
CreateEventA
GetProcAddress
CloseHandle
CompareStringA
Process32Next
Process32First
CreateToolhelp32Snapshot
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
GetFileAttributesW
SetFileAttributesA
WinExec

user32

IsWindow

advapi32

RegOpenKeyA
RegQueryValueExA
RegCloseKey

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 568B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE