22e7c0c63f6f8a3504dd0b4b5eaef291 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22e7c0c63f6f8a3504dd0b4b5eaef291
Size

343KB
MD5

22e7c0c63f6f8a3504dd0b4b5eaef291
SHA1

3f562e449d536877a2c658084b1b46f684707697
SHA256

11060821a6deb5b2d0d1ecabec85edf902584a17aca69add2e537c9ab0270f08
SHA512

9619fa19784322c336257a1da3f3969ee9597eb78506ae0ad64f043009494edecd97dad6266e6f6b11a7c26935d2e623b41e5cf1d28d9686d063fdc82d3c8a9c
SSDEEP

6144:MAZo1BgCGEZ8dTN/RJnuRn+amqLXR2EkcCAAdiQUFnL/WkF4XRd55:hODZ8HusCKc0UF7heXRd55

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22e7c0c63f6f8a3504dd0b4b5eaef291

Files

22e7c0c63f6f8a3504dd0b4b5eaef291
.exe windows:5 windows x86 arch:x86

b3a3d438cc337614c28109b5fc7574ac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoW
LoadLibraryA
GetProcessHeap
GetModuleHandleA
GetProcAddress

advapi32

RegCloseKey
RegOpenKeyA

Sections

.text
Size: 339KB - Virtual size: 339KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ