250b8e2137f22107bd5634fb91d5a9a4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

250b8e2137f22107bd5634fb91d5a9a4
Size

170KB
MD5

250b8e2137f22107bd5634fb91d5a9a4
SHA1

a83182ac1fab0c69fbb6bd06b207957851a57f42
SHA256

cfe3b3ad9a016ab1a27fb13b48ca1a8a9c60f950fcd0ddb0448d1a541a1fd186
SHA512

d3290f516da84793436673ac5a879384538047bf7ee854078ac906e5472672821f4532cc99f262806fedfb2f22bb64885906ce14f7a6ccff6375e06d7c4e2220
SSDEEP

3072:5WH4YL72hoIbNVKfynr4qxBBdGr441Kh76Vk7nr:56LGVbN8ybCM5h762nr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
250b8e2137f22107bd5634fb91d5a9a4

Files

250b8e2137f22107bd5634fb91d5a9a4
.exe windows:4 windows x86 arch:x86

cc0984a1c92e867a622654185f86b571

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_beep
_except_handler3
_exit
_assert
__p__commode
_c_exit
__p__fmode
_access
_acmdln
_atoi64
exit
_cabs
_controlfp
_chdir
_adjust_fdiv
__setusermatherr
_atoldbl
__set_app_type
_XcptFilter
_initterm
__getmainargs

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExA
WmiQuerySingleInstanceW
WmiReceiveNotificationsA

kernel32

TerminateProcess
GetCurrentProcessId
GetCurrentProcess
GetCurrentThreadId
GetTickCount
GetStartupInfoA
GetModuleHandleA
VirtualAlloc

oleaut32

GetActiveObject
SysAllocStringByteLen
VariantClear
SafeArrayGetUBound
SafeArrayCreate
SysFreeString

Sections

.textbss
Size: - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ